Peer-to-peer resource resolution

ABSTRACT

A system and method for sending, resolving, and receiving queries for information on the status of network resources. A peer computing system may include one or more resolver nodes on a network for resolving queries for a resource to particular resource instances. The resolver nodes may receive query messages from peer nodes on the network. Each query message may request information about a resource implemented by one or more peer nodes on the network. The query messages may be formatted in accordance with a peer resolver protocol. The resolver node may determine a particular instance of the resource hosted on a particular peer node to receive the query. The resolver node may use a variety of criteria to determine a particular resource instance. The resolver node may forward the query message to the determined resource instance.

PRIORITY INFORMATION

This application claims benefit of priority to the following provisionalapplications, each of which is hereby incorporated by reference in itsentirety:

Ser. No. 60/263,573 filed Jan. 22, 2001 titled Peer-to-Peer NetworkComputing Platform;

Ser. No. 60/268,893 filed Feb. 14, 2001 titled Peer-to-Peer NetworkComputing Platform;

Ser. No. 60/286,225 filed Apr. 24, 2001 titled Peer-to-Peer NetworkComputing Platform; and

Ser. No. 60/308,932 filed Jul. 31, 2001 titled Trust Mechanism For APeer-To-Peer Network Computing Platform.

BACKGROUND OF THE INVENTION

1. Field of the Invention

This invention relates to peer-to-peer networking, and more particularlyto sending, resolving, and receiving queries for information on thestatus of network resources in a peer-to-peer network computingenvironment.

2. Description of the Related Art

The Internet has three valuable fundamental assets—information,bandwidth, and computing resources—all of which are vastlyunderutilized, partly due to the traditional client-server computingmodel. No single search engine or portal can locate and catalog theever-increasing amount of information on the Web in a timely way.Moreover, a huge amount of information is transient and not subject tocapture by techniques such as Web crawling. For example, research hasestimated that the world produces two exabytes or about 2×10¹⁸ bytes ofinformation every year, but only publishes about 300 terabytes or about3×10¹² bytes. In other words, for every megabyte of informationproduced, only one byte gets published. Moreover, Google claims that itsearches about only 1.3×10^8 web pages. Thus, finding useful informationin real time is increasingly difficult.

Although miles of new fiber have been installed, the new bandwidth getslittle use if everyone goes to one site for content and to another sitefor auctions. Instead, hot spots just get hotter while cold pipes remaincold. This is partly why most people still feel the congestion over theInternet while a single fiber's bandwidth has increased by a factor of10^6 since 1975, doubling every 16 months.

New processors and storage devices continue to break records in speedand capacity, supporting more powerful end devices throughout thenetwork. However, computation continues to accumulate around datacenters, which have to increase their workloads at a crippling pace,thus putting immense pressure on space and power consumption.

Finally, computer users in general are accustomed to computer systemsthat are deterministic and synchronous in nature, and think of such astructure as the norm. For example, when a browser issues a URL requestfor a Web page, the output is typically expected to appear shortlyafterwards. It is also typically expected that everyone around the worldwill be able to retrieve the same page from the same Web server usingthe same URL.

The term peer-to-peer networking or computing (often referred to as P2P)may be applied to a wide range of technologies that greatly increase theutilization of information, bandwidth, and computing resources in theInternet. Frequently, these P2P technologies adopt a network-basedcomputing style that neither excludes nor inherently depends oncentralized control points. Apart from improving the performance ofinformation discovery, content delivery, and information processing,such a style also can enhance the overall reliability andfault-tolerance of computing systems.

Peer-to-peer (P2P) computing, embodied by applications like Napster,Gnutella, and Freenet, has offered a compelling and intuitive way forInternet users to find and share resources directly with each other,often without requiring a central authority or server. As much as thesediverse applications have broken new ground, they typically address onlya single function, run primarily only on a single platform, and areunable to directly share data with other, similar applications.

Many peer-to-peer systems are built for delivering a single type ofservice. For example, Napster provides music file sharing, Gnutellaprovides generic file sharing, and AIM provides instant messaging. Giventhe diverse characteristics of these services and the lack of a commonunderlying P2P infrastructure, each P2P software vendor tends to createincompatible systems—none of them able to interoperate with one another.This means each vendor creates its own P2P user community, duplicatingefforts in creating software and system primitives commonly used by allP2P systems. Moreover, for a peer to participate in multiple communitiesorganized by different P2P implementations, the peer must supportmultiple implementations, each for a distinct P2P system or community,and serve as the aggregation point.

Many P2P systems today offer their features or services through a set ofAPIs that are delivered on a particular operating system using aspecific networking protocol. For example, one system might offer a setof C++ APIs, with the system initially running only on Windows, overTCP/IP, while another system offers a combination and C and Java APIs,running on a variety of UNIX systems, over TCP/IP but also requiringHTTP. A P2P developer is then forced to choose which set of APIs toprogram to, and consequently, which set of P2P customers to target.Because there is little hope that the two systems will interoperate, ifthe developer wants to offer the same service to both communities, theyhave to develop the same service twice for two P2P platforms or developa bridge system between them. Both approaches are inefficient andimpractical considering the dozens of P2P platforms in existence.

Many P2P systems, especially those being offered by upstart companies,tend to choose one operating system as their target deployment platform.The cited reason for this choice is to target the largest installed baseand the fastest path to profit. The inevitable result is that manydependencies on platform-specific features are designed into (or justcreep into) the system. This is often not the consequence of technicaldesire but of engineering reality with its tight schedules and limitedresources.

This approach is clearly shortsighted. Even though the earliestdemonstration of P2P capabilities are on platforms in the middle of thecomputing hardware spectrum, it is very likely that the greatestproliferation of P2P technology will occur at the two ends of thespectrum—large systems in the enterprise and consumer-oriented smallsystems. In fact, betting on any particular segment of the hardware orsoftware system is not future proof.

FIGS. 1A and 1B are examples illustrating the peer-to-peer model. FIG.1A shows two peer devices 104A and 104B that are currently connected.Either of the two peer devices 104 may serve as a client of or a serverto the other device. FIG. 1B shows several peer devices 104 connectedover the network 106 in a peer group. In the peer group, any of the peerdevices 104 may serve as a client of or a server to any of the otherdevices.

Prior art peer-to-peer systems are generally built for delivering asingle type of service, for example a music file sharing service, ageneric file sharing service, or an instant messaging service. Given thediverse characteristics of these services and given the lack of a commonunderlying peer-to-peer infrastructure, each vendor tends to formvarious peer-to-peer “silos”. In other words, the prior art peer-to-peersystems typically do not interoperate with each other. This means eachvendor has to create its own peer-to-peer user community, duplicatingefforts in creating primitives commonly used by peer-to-peer systemssuch as peer discovery and peer communication.

Discovery in a peer-to-peer environment may be based on centralizeddiscovery with a centralized index. This method is used by suchpeer-to-peer applications as Napster and AIM. Discovery based on acentralized index may be efficient, deterministic, and well suited for astatic environment. Such a method of discovery may also providecentralized control, provide a central point of failure, and provideeasy denial of services. However, such a method of discovery may beexpensive to scale and may degrade with aging.

Discovery in a peer-to-peer environment may also be based on netcrawling. This method is used by such peer-to-peer applications asGnutella and FreeNet. Discovery based on net crawling may be simple,adaptive, deterministic, inexpensive to scale, well suited for a dynamicenvironment, and may be difficult to attack. Such a method of discoverymay also improve with aging. However, such a method of discovery mayprovide slower discovery than centralized control.

In a peer-to-peer environment, assume there is a peer-to-peer communityoffering a search capability for its members, where one member can posta query and other members can hear and respond to the query. One memberis a Napster user and has implemented a feature so that, whenever aquery is received seeking an MP3 file, this member will look up theNapster directory and then respond to the query with informationreturned by the Napster system. Here, a member without any knowledge ofNapster may benefit because another member implemented a bridge toconnect their peer-to-peer system to Napster. This type of bridging isvery useful, but when the number of services is large, pair-wisebridging becomes more difficult and undesirable. Thus, it may bedesirable to provide a platform bridge that may be used to connectvarious peer-to-peer systems together.

In another example, one engineering group requires a sizable storagecapability, but also with redundancy to protect data from sudden loss. Acommon solution is to purchase a storage system with a large capacityand mirrored disks. Another engineering group later decides to purchasethe same system. Both groups end up with a lot of extra capacity, andhave to pay higher prices for the mirroring feature. Thus, it may bedesirable to provide a mechanism by which each group may buy a simplestorage system without the mirroring feature, where the disks can thendiscover each other automatically, form a storage peer group, and offermirroring facilities using their spare capacity.

As yet another example, many devices such as cell phones, pagers,wireless email devices, Personal Digital Assistants (PDAs), and PersonalComputers (PCs) may carry directory and calendar information. Currently,synchronization among the directory and calendar information on thesedevices is very tedious, if not impossible. Often, a PC becomes thecentral synchronization point, where every other device has to figureout a way to connect to the PC (using serial port, parallel port, IRDA,or other method) and the PC must have the device driver for every devicethat wishes to connect. Thus, it may be desirable to provide a mechanismby which these devices may interact with each other, without extranetworking interfaces except those needed by the devices themselves,utilizing a common layer of communication and data exchange.

Prior art peer-to-peer message protocols typically require registeredmessage handlers for each resource and/or set message tags to ensureuniqueness of tags. It may be desirable to provide a generic messageprotocol and message resolution mechanism for a peer-to-peer environmentthat allows peers to send queries and receive responses and that doesnot require registered message handlers for each resource and does notrequire set message tags.

SUMMARY OF THE INVENTION

A peer computing system may comprise a plurality of peer nodes that maybe on a network. The plurality of peer nodes may implement apeer-to-peer environment on the network in accordance with one or morepeer-to-peer platform protocols. The protocols may enable the pluralityof peer nodes to discover each other, communicate with each other, andcooperate with each other to form peer groups and share networkresources in the peer-to-peer environment.

The peer computing system may include one or more resolver nodes forresolving queries for a resource to particular resource instances. Theresolver nodes may be peer nodes implementing a resolver serviceaccording to a peer resolver protocol. The resolver nodes may receivequery messages from peer nodes. Each query message may requestinformation about a resource implemented by one or more of the peernodes. The query messages may be formatted in accordance with a peerresolver protocol.

The resolver node may determine a particular instance of the resourcehosted on a particular peer nodes to receive the query message. Theresolver node may use a variety of criteria to determine a particularresource instance. The resolver node may forward the query message tothe determined resource implementation.

Resources may include service, content, and applications, among others.The resources may implement one or more resource handlers to receiveincoming query messages. The resource handlers may parse the querymessage and generate a response message. Instances of the resource mayregister the resource handlers with one or more resolver nodes.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1A illustrates a prior art example of two devices that arecurrently connected as peers;

FIG. 1B illustrates a prior art example of several peer devicesconnected over the network in a peer group;

FIG. 2 illustrates one embodiment of peer-to-peer platform softwarearchitecture at the conceptual level;

FIG. 3 illustrates an exemplary content identifier according to oneembodiment;

FIG. 4 illustrates a point-to-point pipe connection between peersaccording to one embodiment;

FIG. 5 illustrates a peer-to-peer platform message format according toone embodiment;

FIG. 6 illustrates the content of a peer advertisement according to oneembodiment;

FIG. 7 illustrates the content of a peer group advertisement accordingto one embodiment.

FIG. 8 illustrates the content of a pipe advertisement according to oneembodiment;

FIG. 9 illustrates the content of a service advertisement according toone embodiment;

FIG. 10 illustrates the content of a content advertisement according toone embodiment;

FIG. 11 illustrates the content of an endpoint advertisement accordingto one embodiment;

FIG. 12 illustrates protocols and bindings in a peer-to-peer platformaccording to one embodiment;

FIG. 13 illustrates discovery through a rendezvous proxy according toone embodiment;

FIG. 14 illustrates discovery through propagate proxies according to oneembodiment;

FIG. 15 illustrates using messages to discover advertisements accordingto one embodiment;

FIG. 16 illustrates one embodiment of using peer resolver protocolmessages between a requesting peer and a responding peer;

FIG. 17 illustrates one embodiment of using peer information protocolmessages between a requesting peer and a responding peer;

FIG. 18 illustrates several core components and how they interact fordiscovery and routing according to one embodiment;

FIG. 19 illustrates one embodiment of message routing in a peer-to-peernetwork that uses the peer-to-peer platform;

FIG. 20 illustrates traversing a firewall in a virtual private networkwhen access is initiated from outside only according to one embodiment;

FIG. 21 illustrates email exchange through an email gateway according toone embodiment;

FIG. 22 illustrates traversing a firewall when access is initiated fromthe inside according to one embodiment;

FIG. 23 illustrates embodiments of a peer-to-peer platform proxyservice, and shows various aspects of the operation of the proxyservice;

FIG. 24 illustrates a method of using a proxy service for peer groupregistration according to one embodiment;

FIG. 25 illustrates peer group registration across a firewall accordingto one embodiment;

FIG. 26 illustrates a method of providing peer group membership througha proxy service according to one embodiment;

FIGS. 27A and 27B illustrate a method of providing privacy in thepeer-to-peer platform according to one embodiment;

FIGS. 28A and 28B illustrate one embodiment of a method for using apeer-to-peer platform proxy service as a certificate authority.

FIG. 29 illustrates a peer node querying a resource through a resolverservice using the peer resolver protocol according to one embodiment.

FIG. 30 illustrates a peer node querying a resource through a resolverservice using the peer resolver protocol according to one embodiment.

FIG. 31 is a flowchart illustrating a method for a peer node querying aresource through a resolver service using the peer resolver protocolaccording to one embodiment.

FIG. 32 is a flowchart illustrating a method for a device to participatein a peer-to-peer environment and use the peer resolver protocolaccording to one embodiment.

While the invention is described herein by way of example for severalembodiments and illustrative drawings, those skilled in the art willrecognize that the invention is not limited to the embodiments ordrawings described. It should be understood, that the drawings anddetailed description thereto are not intended to limit the invention tothe particular form disclosed, but on the contrary, the intention is tocover all modifications, equivalents and alternatives falling within thespirit and scope of the present invention as defined by the appendedclaims. The headings used herein are for organizational purposes onlyand are not meant to be used to limit the scope of the description orthe claims. As used throughout this application, the word “may” is usedin a permissive sense (i.e., meaning having the potential to), ratherthan the mandatory sense (i.e., meaning must). Similarly, the words“include”, “including”, and “includes” mean including, but not limitedto.

DETAILED DESCRIPTION OF EMBODIMENTS OF THE INVENTION

Embodiments of an open network computing platform designed forpeer-to-peer computing are described. The network computing platform maybe referred to as a peer-to-peer platform. The peer-to-peer platform maybe used to build a wide range of distributed services and applicationsin which every device is addressable as a peer, and where peers canbridge from one domain into another. The peer-to-peer platform mayenable developers to focus on their own application development whileeasily creating distributed computing software that is flexible,interoperable, and available on any peer on the expanded Web. Thepeer-to-peer platform may enable software developers to deployinteroperable services and content, further spring-boarding thepeer-to-peer revolution on the Internet. The peer-to-peer platformaddresses the problems of prior art peer-to-peer systems by providing ageneric and service-agnostic peer-to-peer platform that may bepreferably defined by a small number of protocols. Each protocol ispreferably easy to implement and easy to be adopted into peer-to-peerservices and applications. Thus, service offerings from one vendor maybe used, perhaps transparently, by the user community of anothervendor's system.

The peer-to-peer platform extends P2P computing to enable a wide rangeof distributed computing applications and overcome the limitationstypically found in prior art P2P applications. The peer-to-peer platformis a network computing technology that provides a set of simple, small,and flexible mechanisms that can support P2P computing on any platform,anywhere, and at any time. The peer-to-peer platform generalizes P2Pfunctionality and provides core technology that addresses thelimitations of prior art P2P computing technologies.

The peer-to-peer platform is a modular platform that provides simple andessential building blocks for developing a wide range of distributedservices and applications. The peer-to-peer platform specifies a set ofprotocols rather than an API. Thus, the peer-to-peer platform can beimplemented in any language on any Operating System to provide solutionsranging from providing a simple protocol-based wrapper that enables asmall device to join a network of peers to developing a fully integratedapplication that supports metering, monitoring, high-level security andcommunication across server-class systems.

In one embodiment, the peer-to-peer platform architecture may include,but is not limited to, protocols, advertisements, and core services.Network protocol bindings may be used to preferably ensureinteroperability with existing content transfer protocols, networktransports, routers, and firewalls. The peer-to-peer platform may beused to combine network nodes (peers) into a simple and coherentpeer-to-peer network computing platform. The platform is preferablydirected at providing several benefits including, but not limited to, nosingle point of failure, asynchronous messaging, the ability for peersto adapt to their network environment, and moving content towards itsconsumers.

FIG. 2 illustrates one embodiment of peer-to-peer platform softwarearchitecture at the conceptual level. The peer-to-peer platform mayinclude several layers. In one embodiment, the software stack may bedescribed using three layers; a peer-to-peer platform (core) layer 120,a service layer 140 and an application layer 150. In one embodiment, thepeer-to-peer platform may include a core layer 120 that defines andencapsulates minimal primitives that are common to peer-to-peernetworking, including, but not limited to, peers 110, peer groups 122,peer discovery 124, peer communication (e.g. pipes) 126, peer monitoring128, and associated security primitives 130. This layer may be shared byall peer-to-peer devices so that interoperability becomes possible.

A peer may be defined as any entity that runs some or all of one or moreprotocols provided by the peer-to-peer platform core layer. As such, apeer may manifest in the form of a processor, a process or a device. Apeer may be anything with a digital heartbeat that supports thepeer-to-peer platform core, including sensors, servers, PCs, computersup to and including supercomputers, PDAs, manufacturing and medicalequipment, phones and cellular phones. In order to interact with otherpeers (e.g. to form or join peer groups), the peer needs to be connectedto some kind of network (wired or wireless), such as IP, Bluetooth, orHavi, among others.

The peer-to-peer platform may provide mechanisms through which peers maydiscover each other, communicate with each other, and cooperate witheach other to form peer groups. Peers may discover each other on thenetwork to form transient or persistent relationships called peergroups. A peer group is a collection of peers connected by a networkthat share a common set of interests and that have agreed upon a commonset of rules to publish, share and access any computer content (code,data, applications, or other collections of computer representableresources), and communicate among themselves. Peer groups may also bestatically predefined. The peers in a peer group may cooperate toprovide a common set of services. A peer group may be viewed as anabstract region of the network, and may act as a virtual subnet. Theconcept of a region virtualizes the notion of routers and firewalls,subdividing the network in a self-organizing fashion without respect toactual physical network boundaries. In one embodiment, peer groupsimplicitly define a region scope that may limit peer propagationrequests. Conceptually, a peer group may be viewed as a virtual entitythat speaks the set of peer group protocols.

A peer group may theoretically be as large as the entire connecteduniverse. Naming anything uniquely is a challenge in such a largenamespace. In one embodiment, the peer-to-peer platform may supportand/or provide sophisticated naming and binding services. In oneembodiment, the peer-to-peer platform may use a universal uniqueidentifier (UUID), for example, a 64- or 128-bit datum, to refer to anentity (e.g. a peer, peer group, pipe, content, etc.). For example,UUIDs may be embedded in advertisements for internal use. UUIDspreferably may be used to guarantee that each entity has a unique UUIDwithin a local runtime environment and serves as a canonical way ofreferring to an entity, but because a global state is not assumed, itmay not be possible to provide a guarantee of uniqueness across anentire community that may consist of millions of peers. This may not bea problem because a UUID may be used within the peer-to-peer platform asan internal identifier. This may become significant only after the UUIDis securely bound to other information such as a name and a networkaddress. In one embodiment, Uniform Resource Name (URN) format may beused for the expression of UUIDs.

The core layer 120 provides core support for peer-to-peer services andapplications. In a multi-platform, secure execution environment, thecore mechanisms of peer groups, peer pipes and peer monitoring may beprovided. Peer groups 122 may establish a set of peers and naming withina peer group with mechanisms to create policies for creation anddeletion, membership, advertising and discovery of other peer groups andpeer nodes, communication, security, and content sharing. Pipes providevirtual communication channels among peers. Messages sent in pipes maysupport transfer of data, content, and code in a protocol-independentmanner, allowing a range of security, integrity, and privacy options. Inone embodiment, messages may be structured with a markup language suchas XML. Peer monitoring 128 enables control of the behavior and activityof peers in a peer group and can be used to implement peer managementfunctions including access control, priority setting, traffic metering,and bandwidth balancing.

The core layer 120 may include protocols and building blocks to enablekey mechanisms for peer to peer networking, including discovery,transport (including firewall handling and limited security), and thecreation of peers and peer groups. The core layer 120 is preferably thinand small, and preferably provides interesting and powerful primitivesfor use by services and applications in the other layers. The core layer120 may support choices such as anonymous vs. registered users andencrypted vs. clear text content without imposing specific policies ondevelopers. Policy choices may be made, or when necessary, implemented,at the service layer 140 and/or application layer 150. For example,administration services such as accepting or rejecting a peer'smembership in a peer group may be implemented using the functionalityprovided by the core layer 120.

The core components of the peer-to-peer protocol may be used toimplement discovery mechanisms for searching, publishing and recoveringof core abstractions (e.g. peers, peer group, pipes, endpoints, andadvertisements). These mechanisms are preferably simple, administrationfree, and do not require special peers to act as “master” peers. Thesemechanisms may allow processes in the peer-to-peer network, in absenceof help from other applications and/or services, to bootstrap and findout the information necessary to access applications and services thatcan help. Also, the core may “return” to this standalone behavior andstill function if helper applications or services fail. In oneembodiment, safety mechanisms may be put in place in order to avoid amajor overflow of “web-crawling”. In one embodiment, applications and/orservices that support the peer-to-peer protocol may access, control,and/or override the core components, even to the extreme of implementinga centralized, client-server model based on the core components.

At the highest abstraction level, the peer-to-peer platform may beviewed as a set of protocols provided at the core layer 120. In oneembodiment, a common thread among peer-to-peer platform peers isprotocols, not APIs or software implementations. The peer-to-peerplatform protocols preferably guarantee interoperability betweencompliant software components executing on potentially heterogeneouspeer runtimes. Thus the peer-to-peer platform is preferably agnostic toprogramming languages. The term compliant may refer to a single protocolonly. That is some peers may not implement all the core protocols.Furthermore, some peers may only use a portion (client-side orserver-side only) of a protocol.

Each protocol may be defined by one or more messages exchanged amongparticipants of the protocol. Each message may have a predefined format,and may include various data fields. In one embodiment the protocols mayutilize messaging such as XML messages. The peer-to-peer platformconnects peer nodes with each other. The peer-to-peer platform ispreferably platform-independent by virtue of being a set of protocols.As such, the peer-to-peer platform may not require APIs and remainsindependent of programming languages, so that it can be implemented inC/C++, Java, Java 2ME, Perl, Python or other languages. This meansheterogeneous devices with completely different software stacks canpreferably interoperate through the peer-to-peer platform protocols. Tounderpin this set of protocols, the peer-to-peer platform may define anumber of concepts including peer, peer group, advertisement, message,pipe, and more.

In one embodiment, peer-to-peer protocols may be embodied as markuplanguage (e.g. XML) messages that may be sent between two peers. In oneembodiment, the peer-to-peer platform messages may define the protocolsused to discover and connect peers and peer groups, and to accessresources offered by peers and peer groups, among others. The use ofmarkup language (e.g. XML) messages to define protocols may allow manydifferent kinds of peers to participate in a protocol. Each peer may befree to implement the protocol in a manner best suited to its abilitiesand role. For example, not all peers are capable of supporting a Javaruntime environment. In one embodiment, the protocol definition does notrequire nor imply the use of Java on a peer.

Several peer-to-peer platform protocols that may be provided byembodiments of the peer-to-peer platform are described later in thisdocument. The protocols defined in this document may be realized overnetworks including, but not limited to, the Internet, a corporateintranet, a dynamic proximity network, a home networking environment,LANs, and WANs. The protocols defined in this document may also berealized within a single computer. Thus, the peer-to-peer platform ispreferably transport protocol independent. The size and complexity ofthe network peers that may support these protocols preferably includes awide range of peer implementations including peers implemented on, butnot limited to, simple light switches, PDAs, cell phones, pagers, laptopand notebook computers, smart appliances, personal computers,workstations, complex, highly-available servers, mainframe computers andeven supercomputers.

The peer-to-peer platform may further include a peer-to-peer serviceslayer 140. This layer may provide capabilities that may not beabsolutely necessary for a peer-to-peer network to operate but that maybe desirable to provided added functionality beyond the core layer 120in the peer-to-peer environment. The service layer 140 may deal withhigher-level concepts such as search and indexing, directory, storagesystems, file sharing, distributed file systems, resource aggregationand renting, protocol translation, authentication and PKI (public keyinfrastructure) systems. These services, which may make use of theprotocols and building blocks provided by the core layer 120, may beuseful by themselves but also may be included as components in anoverall P2P system. Thus, services may include one or more services 144provided by the peer-to-peer platform. These platform-provided services144 may include indexing, searching and file sharing services, forexample. The services layer 140 may provide hooks for supporting genericservices (such as searching, sharing and added security) that are usedin many P2P applications. Thus, services may also include one or moreservices 142 not provided as part of the peer-to-peer platform butrather provided by the peer-to-peer platform community. These services142 may be user-defined and may be provided, for example, to memberpeers in a peer group as a peer group service.

Services may expand upon the capabilities of the core layer 120 and maybe used to facilitate application development. Facilities provided asservices in the service layer 140 may include mechanisms for search andindexing, directory, storage systems, file sharing, distributed filesystems, resource aggregation and renting, protocol translation,authentication, PKI services, and caching code and content to enablecross-application bridging and translation of files, among others.Searching capabilities may include distributed, parallel searches acrosspeer groups that are facilitated by matching an XML representation of aquery to be processed with representations of the responses that can beprovided by each peer. These facilities may be used for simple searches,for example searching a peer's repository, or more complex searches ofdynamically generated content that is unreachable by conventional searchengines. P2P searches may be conducted across a company's intranet, forexample, to quickly locate relevant information within a secureenvironment. By exercising tight control over peer group membership andenabling encrypted communication between peers, a company may extendthis capability to its extranet, including business partners,consultants, and suppliers as peers. The same mechanisms that facilitatesearches across the peer group may be used as a bridge to incorporateInternet search results, and to include data outside of the peer's ownrepository, for example searching a peer's disk. The peer services layer140 may be used to support other custom, application-specific functions.For example, a secure peer messaging system may be built to allowanonymous authorship and a persistent message store. The peer serviceslayer 140 provides the mechanisms to create such secure tools; theapplication developers themselves may determine specific tool policies.

The peer-to-peer platform may also include a peer-to-peer applicationlayer 150. The application layer 140 may support the implementation ofintegrated applications such as file sharing, resource sharing, monetarysystems, distributed storage, peer-to-peer instant messaging,entertainment, content management and delivery, peer-to-peer emailsystems, distributed auction systems, among others. Applications may be“vertical” or they may be developed to interoperate with otherdistributed applications. One or more applications 154 may be providedas part of the peer-to-peer platform. For example, one embodiment of thepeer-to-peer platform may include a shell application 160 as adevelopment environment built on top of the platform. The shellapplication may provide interactive access to the peer-to-peer platformvia a simple command line interface 162.

Applications may also include community applications 152 not provided bythe peer-to-peer platform. These community applications 152 may beuser-defined and may be provided, for example, to member peers in a peergroup as a peer group application.

In one embodiment, the boundary between services and applications is notrigid. An application to one customer can be viewed as a service toanother customer. An application may use services. Services may serve asprotocols that may be shared among various applications. An applicationmay provide a user interface, a way to define a set of files to share, away to initiate a search, a way to display the results, and a way toinitiate a file transfer, for example. Such an application may make useof a set of services, for example a reliable point-to-point filetransfer service, a distributed search service, a discovery service tolocate other peers, among others.

Applications may be built using peer services as well as the core layer120. The peer-to-peer platform may support the fundamental levelsbroadly, and rely on the P2P development community to provide additionalpeer services and applications. Peer applications enabled by both thecore layer 120 and peer services layer 140 may include P2P auctions thatlink buyers and sellers directly, with buyers able to program theirbidding strategies using a simple scripting language, for example.Resource-sharing applications, such as SETI@home, may be built morequickly and easily, with heterogeneous, worldwide peer groups supportedfrom day one. Instant messaging, mail, and calendaring services mayfacilitate communication and collaboration within peer groups that aresecure and independent of service provider-hosted facilities. Virtuallyany other type of application may be build on top of the core layer 120and services layer 140.

Some features, such as security, may manifest in all three layers andthroughout a P2P system, albeit in different forms according to thelocation in the software architecture. The system is preferably modular,and allows developers to pick and choose a collection of services andapplications that suits their needs.

A typical peer-to-peer platform network may provide an inherentlynondeterministic topology/response structure. In a peer-to-peer platformnetwork, a specific resource request may not return for minutes, hours,or even days; in fact, it may never return at all. In addition, peoplefrom different parts of the world requesting the same resource arelikely to get different copies of the resource from completely differentlocations. Peers may obtain content from multiple servers, ideallyreaching a nearby one that is up and running. The original source peerneed not service every resource request; in fact, it does not even haveto be up and running. The nondeterministic structure may also helpprovide the optimized use of network bandwidth. The concentratedlocalized traffic congestion typical of today's Web doesn't affect P2Pnetworking. The nondeterministic structure may also help provide alowered cost of content distribution. The P2P network can absorbcontents and replicate it for easy access. The nondeterministicstructure may also help provide leveraged computing power from everynode in the network. With asynchronous operations, a user may issue manyrequests for many resources or services simultaneously and have thenetwork do the work. The nondeterministic structure may also helpprovide unlimited scalability. A properly designed P2P application mayspan the entire known connected universe without hitting scalabilitylimits; this is typically not possible with centralized schemes. Note,however, that the peer-to-peer platform also may support deterministic,synchronous applications.

As an example of a nondeterministic, asynchronous application, considera network-based music request service that operates over a peer-to-peerplatform-based P2P network. A peer submits multiple requests for musicfiles and then checks back later to see if the music request service inthe peer group has found them. A few requested files have been found,but others cannot be located. The service's response in regards to thefiles that cannot be located may be something like “Music selection andavailability changes continuously; please retry your request later.”This is an acceptable nondeterministic outcome. Even though the servicecouldn't find a file, the same file may be available later if the samerequest is resubmitted, because peers that host the desired files mayhave come online in the meantime.

The peer-to-peer platform provides the ability to replicate informationtoward end users. Popular content tends to be replicated more often,making it easier to find as more copies are available. Peers do not haveto always go back to the same peer to obtain the information they want,as is typical in the client/server model. Peers may obtain informationfrom neighboring peers that have already cached the information. Eachpeer may become a provider to all other peers.

In one embodiment the peer-to-peer platform may enable peers to findcontent that is closest to them. This content may include data (e.g.files) or even services and applications. For example, if a peer node inan office peer-to-peer network using the peer-to-peer platform is moved,the peer-to-peer platform may allow the peer to automatically locatecontent (e.g. using a discovery service that participates in thediscovery protocol) including services (e.g. a printer service and anemail service) hosted by other peers closest to the peer's new location,without requiring any manual reconfiguration. Further, at least somecontent may be copied or moved to the peer in its new location and/or toother peers proximate to the new location.

In one embodiment, the UUIDs may be used in providing flexibleconfiguration and seamless relocation of peer nodes on a peer-to-peernetwork, and may assist in locating and accessing content includingservices nearest to a peer node when the peer node is moved. Forexample, a businessperson based in New York may participate in apeer-to-peer network based on the peer-to-peer protocols using anotebook computer or other portable computing device connected to a LANas a peer node. The businessperson may access an instance of an emailand/or other services locally hosted by other peer nodes in a peer groupon the LAN. If the businessperson travels to Paris, for example, andtakes the notebook computer, the notebook computer may be connected to adifferent LAN at the Paris location and participate in the peer-to-peernetwork. Because the peer node has a unique ID in the peer-to-peernetwork (the UUID) rather than just a static network address, the peernode may seamlessly access instances of an email service and otherservices locally hosted on the LAN, or alternatively hosted on a peernode at the peer node's original location or elsewhere, using the UUIDto establish its identity. The peer node may rejoin the peer group inNew York to access one or more instances of services and other contenthosted on the peer group, and may also join a peer group at the Parislocation to access one or more other instances of services and content.Thus, the peer-to-peer protocols and UUIDs may provide the ability forpeer nodes to move to different peer groups and/or peer regions andaccess services and other content independent of network addresses andwithout requiring reconfiguration of the peer node. For example, whenthe exemplary peer node moves to Paris, connects to the network (at adifferent network address) and accesses an instance of an email service(either locally or remotely hosted, for example in the New York peergroup), the email service may identify the peer node by its unique IDand route the peer's email to the peer node at the new network addresswithout requiring reconfiguration of the peer node. Thus, peer nodes maybe relocated and access services and other content that are locallyhosted or services and other content hosted in their original peer groupif the services and other content are not required to be locally hosted.

The peer-to-peer platform preferably provides a decentralizedenvironment that minimizes single points of failure and is not dependenton any centralized services. Both centralized and decentralized servicesmay be developed on top of the peer-to-peer platform. With the additionof each new network peer, the network platform preferably becomes morerobust as it expands. In the environment, services may be implemented tointeroperate with other services giving rise to new P2P applications.For example, a P2P communications service like instant messaging mayeasily be added to a resource-sharing P2P application if both support atleast the necessary peer-to-peer platform protocols.

The peer-to-peer platform may provide interoperability. The peer-to-peerplatform may be used by developers independent of preferred programminglanguages, development environments, or deployment platforms.Embodiments of the peer-to-peer platform may enable interconnected peersto easily locate each other, communicate with each other, participate incommunity-based activities, and offer services to each other seamlesslyacross different P2P systems and different communities. The peer-to-peerplatform may also provide platform independence. Embodiments of thepeer-to-peer platform may be independent of programming languages (suchas C/C++, Java, Perl, and KVM), system platforms (such as the MicrosoftWindows, UNIX®, Solaris, Linux and Macintosh platforms), and networkingplatforms (such as TCP/IP, Bluetooth and Havi). Thus, heterogeneousdevices with completely different software stacks may interoperatethrough the peer-to-peer platform protocols. Embodiments of thepeer-to-peer platform may be implementable on any device with a digitalheartbeat, including, but not limited to, sensors, consumer electronics,Personal Digital Assistants (PDAs), appliances, network routers, desktopcomputers, data-center servers, and storage systems. Embodiments of thepeer-to-peer platform may enable peers, independent of software andhardware platform, to benefit and profit from being connected tomillions of other peers.

In one embodiment, the peer-to-peer platform may run on any of variousoperating systems including embedded operating systems (with theappropriate level of Java runtime support, if required) such asWindows95, 98, 2000, ME, and NT, Solaris, Unix, Macintosh, Linux, Java 2Platform, Micro Edition (J2ME) and PersonalJava Technology. Thepeer-to-peer platform may be implemented in any of a variety ofdevelopment environments using any of a variety of programminglanguages, or combinations of programming languages, including, but notlimited to, Java, Java 2ME, C/C++, Perl, Python and KVM. In oneembodiment, the peer-to-peer platform may be implemented in Java. In oneembodiment, a peer-to-peer platform may be implemented in C/C++ on somedevices, for example, to support devices without Java support. In oneembodiment, a peer-to-peer platform may be implemented in KVM on somedevices, for example, so that all KVM capable devices such as PDAs andcell phones can be peer-to-peer platform peers. Programming languagesother than those listed may also be used in various embodiments.

A minimal device with the ability to generate a text string maytheoretically participate in a peer-to-peer platform network (though notnecessarily in every P2P application). The simplistic device may need asurrogate peer on the P2P network. This surrogate peer may performdiscovery, advertisement, and communications on behalf of the simplisticdevice (or many simplistic devices). The location of the surrogate maybe hard-wired into the simplistic device. In this way, the simplisticdevice with the help of the surrogate can be a full-fledged peer on thepeer-to-peer platform network. For example, a GPS locator, strapped to asea turtle and sending out peer-to-peer platform messages wirelesslywith location information, may become a peer on a peer-to-peer platformnetwork.

The peer-to-peer platform is preferably independent of transportprotocols. For example, the peer-to-peer platform may be implemented ontop of TCP/IP, HTTP, Bluetooth, HomePNA, and other protocols. Thus, asystem built on top of the peer-to-peer platform preferably functions inthe same or similar fashion when the system is expanded to a newnetworking environment or to a new class of devices, as long as there isa correct transport protocol handler for the new networking protocol.

In one embodiment, the peer-to-peer platform may use XML as the encodingformat. XML may provide convenience in parsing and extensibility. Otherembodiments of the peer-to-peer platform may use other encoding formats.The use of XML does not imply that all peer-to-peer platform peer nodesmust be able to parse and to create XML documents. For example, a cellphone with limited resources may be programmed to recognize and tocreate certain canned XML messages and can still participate in apeer-to-peer platform network of peers. In one embodiment, a lightweightXML parser may be used that supports a subset of XML. This may helpreduce the size of the peer-to-peer platform.

There may be areas in a peer-to-peer environment where there is not onecorrect way to do something or where what should be done depends on thenature and context of the overriding application. For example, in thearea of security, every P2P application may choose a differentauthentication scheme, a different way to ensure communication security,a different encryption algorithm for data security, a differentsignature scheme for authenticity, and a different access controlpolicy. Therefore, for these areas, the peer-to-peer platform maypreferably focus on mechanisms instead of policy, so that applicationdevelopers can have the maximum freedom to innovate and offercompetitive solutions.

Implementations of the peer-to-peer platform may be illustrated with afew application or usage scenarios. For example, assume there is apeer-to-peer community offering a search capability for its members,where one member can post a query and other members can hear and respondto the query. One member is a Napster user and has implemented a featureso that, whenever a query is received seeking an MP3 file, this memberwill look up the Napster directory and then respond to the query withinformation returned by the Napster system. Here, a member without anyknowledge of Napster may benefit because another member implemented abridge to connect their peer-to-peer system to Napster. The peer-to-peerplatform may provide a platform bridge that may be used to connect thevarious peer-to-peer systems together.

In another example, one engineering group requires a sizable storagecapability, but also with redundancy to protect data from sudden loss.Using the peer-to-peer platform, each group may buy a simple storagesystem without a mirroring feature, where the disks can then discovereach other automatically, form a storage peer group, and offer mirroringfacilities using their spare capacity.

As yet another example, many devices such as cell phones, pagers,wireless email devices, Personal Digital Assistants (PDAs), and PersonalComputers (PCs) may carry directory and calendar information. Using thepeer-to-peer platform, these devices may be able to interact with eachother, without extra networking interfaces except those needed by thedevices themselves, using the peer-to-peer platform as the common layerof communication and data exchange.

Peers

Network nodes (peers) of various kinds may join the peer-to-peernetworking platform by implementing one or more of the platform'sprotocols. Each peer operates independently and asynchronously of anyother peer, providing a degree of reliability and scalability nottypically found in current distributed systems. Some peers may have moredependencies with other peers due to special relationships (e.g.gateways or routers). In one embodiment, a peer does not need tounderstand all of the protocols of the peer-to-peer platform. The peercan still perform at a reduced level if it does not support one or moreof the protocols.

Peers may publish and provide network resources (e.g. CPU, storage androuting resources) that may be used by other peers. Peers typicallyinteract with a small number of other peers (network neighbors or buddypeers). Peers that provide the same set of services tend to beinter-changeable. Thus, it may not matter which peers a peer interactswith. Generally, assumptions should not be made about peer reliabilityor connectivity, as a peer may appear or leave the network at any time.Peers may have persistent storage. A peer may optionally cacheinformation.

Peers may have multiple network interfaces, though preferably a peerdoes not need to publish all of its interfaces for use with thepeer-to-peer protocols. Each published interface may be advertised as apeer endpoint. In one embodiment, a peer endpoint is an identifier (e.g.a URN or URI) that uniquely identifies a peer network interface. Peerendpoints may be used by peers to establish direct point-to-pointconnection between two peers. Peers may not have direct point-to-pointnetwork connection between themselves, either due to lack of physicalnetwork connections, or network configuration (NATs, firewalls, proxies,etc.), and thus a peer may have to use one or more intermediary peers toroute a message from an endpoint to another peer endpoint.

The term rendezvous peer may be used to designate a peer that isdesignated to be a rendezvous point for discovering information aboutother peers, peer groups, services and pipes. Rendezvous peerspreferably cache information that may be useful to peers including newpeers. Rendezvous peers may provide an efficient mechanism for peersthat are far away to find (e.g. discover) each other. Rendezvous peersmay make peer discovery more practical and efficient. Preferably, a peergroup is not required to have a rendezvous peer. In one embodiment, anyor even all members of a peer group may become rendezvous peers in apeer group. In one embodiment, each peer group may have differentpolicies to authorize a peer to become a rendezvous peer.

The term router peer may be used to describe a peer that crosses one ormore regions and that is designated to be a router between the regions.Router peers may be used to route messages between different networkprotocols (e.g. TCP/IP, Irda) or to peers that are behind firewalls. Inone embodiment, any or all peer members may become routers. In oneembodiment, peer groups may have different policies to authorize a peerto become a router peer for other peers.

Peers may be identified by their unique ID (UUID) rather than by a fixedaddress. When a peer boots, it attempts to contact other peers. In oneembodiment, contacted peers may include variable-sized caches that mapnearby peers' UUID to their current address. This allows embodiments ofthe peer-to-peer platform to be run over a dialup connection, forexample.

In one embodiment, a peer may be assigned a unique string as a name. Anynaming scheme may be used. In one embodiment, names are not uniqueunless a coordinated naming service is used to guarantee nameuniqueness. A naming service is typically a centralized service thatguarantees the uniqueness of name and can be used to register namemapping. Examples of naming services are DNS and LDAP. Use of a namingservice is preferably optional.

Peer Groups

Preferably, the peer-to-peer platform describes how to create anddiscover peer groups, but does not dictate when, where, or why to createa peer group, the type of the group, or the membership of the group. Apeer group may provide a common membership definition. Each peer groupmay establish its own membership policy in a range from open (any peercan join) up to highly secure and protected (a peer may join only if itpossesses sufficient credentials).

In one embodiment, peers wishing to join a peer group may first locate acurrent member, and then request to join the peer group. Thepeer-to-peer platform may define how to discover peer groups, e.g. usinga peer discovery protocol. The application to join may be rejected oraccepted by the collective set of current members in accordance with thepeer group's membership policy. In one embodiment, a peer group coremembership service may be used to enforce a vote among one or more groupmembers. Alternatively, one or more group representative member peersmay be elected or appointed to accept or reject new membershipapplications.

In one embodiment, the peer-to-peer platform is not concerned with whatsequence of events a peer or a peer group comes into existence.Moreover, in one embodiment, the peer-to-peer platform does not limithow many groups a peer can belong to. In one embodiment, nested and/oroverlapping peer groups may be formed. In one embodiment, there may be aspecial group, called the World Peer Group, which may include allpeer-to-peer platform peers. The world peer group preferably providesthe minimum seed for every peer to potentially find each other and formnew groups. In one embodiment, the world peer group has an openmembership policy (e.g. has a null membership authenticator service).Some peers inside the world peer group may not be able to discover orcommunicate with each other—e.g., they may be separated by a networkpartition. In one embodiment, participation in the World Peer Group isby default.

The peer-to-peer platform may use the concept of a peer group as animplicit scope of all messages originated from within the group. Peergroups may serve to subdivide the network into abstract regionsproviding an implicit scoping mechanism. Peer groups may provide alimited scoping environment to ensure scalability. Peer groups may beformed and self organized based upon the mutual interest of peers. Inone embodiment, no particular rules are imposed on the way peer groupsare formed, but peers with the same interests may tend to join the samepeer groups.

In one embodiment, a scope may be realized with the formation of acorresponding peer group. Peer group boundaries may define the searchscope when searching for a group's content. For example, a peer in SanFrancisco looking to buy a used car is normally not interested in carsavailable outside of the Bay Area. In this case, the peer may want tomulticast a message to a subset of the current worldwide peer group, anda subgroup may be formed especially for this purpose. In one embodiment,the multicast may be done without the formation of a new peer group. Inone embodiment, all messages may carry a special scope field, which mayindicate the scope for which the message is intended. Any peer whoreceives this message may propagate the message based on the scopeindicator. Using this approach, it is preferable that a sending peer isbootstrapped with some well-defined scopes and also has the ability todiscover additional scopes.

Peer groups may also be formed based upon the proximity of the memberpeers. Proximity-based peer groups may serve to subdivide the networkinto abstract regions. Regions may serve as a placeholder for generalcommunication and security configurations that deal with existingnetworking infrastructure, communication scopes and securityrequirements. Peer groups may provide a scoping mechanism to reducetraffic overload.

Peer groups may provide a secure cooperative environment. Peer groupboundaries permit member peers to access and publish protected contents.Peer groups form virtual secure regions which boundaries limit access tothe peer group resources. Secure services may be provided to peerswithin a secured peer group. Their boundaries may or may not reflect anyunderlying physical network boundaries such as those imposed by routersand firewalls. The concept of a region may virtualize the notion ofrouters and firewalls, subdividing the network into secure regions in aself-organizing fashion without respect to actual physical networkboundaries.

Peer groups may also create a monitoring environment. Peer groups maypermit peers to monitor a set of peers for any special purpose(heartbeat, traffic introspection, accountability, etc.). Peer groupsmay also provide a controlled and self-administered environment. Peergroups may provide a self-organized structure that is self-managed andthat may be locally managed.

Peer groups using the peer-to-peer platform preferably provide severalcapabilities including, but not limited to, the ability to, find nearbypeers, find named peers anywhere on the network, find named peer groupsanywhere on the network, join and resign from a peer group, establishpipes between peer group members and find and exchange shared content.

Content

Peers may be grouped into peer groups to share content. A content ispublished and shared among the peer members of a peer group. In oneembodiment, content may be shared among group members, but not betweengroups. In this embodiment, no single item of content may belong to morethan one group. If the same content is published in two different peergroups, two different contents may be created. In one embodiment, acontent item may be published to make the item's existence known andavailable to group members through the use of advertisements.

An instance of content is a copy of a content. Each content copy may bereplicated on different peers in the peer group. Each copy preferablyhas the same content identifier as well as a similar value. Replicatingcontents within a peer group may help any single item of content be moreavailable. For example, if an item has two instances residing on twodifferent peers, only one of the peers needs to be alive and respond tothe content request. In one embodiment, the peer-to-peer platformprotocols do not specify how or when contents are replicated. In oneembodiment, whether and how to copy an item of content may be a policydecision that may be encapsulated in higher-level applications andservices, for example a content management service.

A content may be any computer content (e.g. code, data, applications,active content such as services, or other collection ofcomputer-representable resources). Examples of content include, but arenot limited to, a text file, a structured document (e.g. a PDF or a XMLfile), a Java “.jar” or loadable library, code or even an executableprocess (checkpointed state). No size limitation is assumed. Eachcontent instance may reside on a different peer in the peer group. Theinstances may differ in their encoding type. HTML, XML and WML areexamples of encoding types. Each instance may have the same contentidentifier as well as a similar set of elements and attributes, and mayeven exist on the same peer. An encoding metadata element may be used todifferentiate instances of content. Making new instances of content ondifferent peers may help any single item of content be more available.For example, if an item has two instances residing on two differentpeers, only one of the peers needs to be alive and respond to thecontent request.

Items of content that represent a network service may be referred to asactive content. These items may have additional core elements above andbeyond the basic elements used for identification and advertisement. Inone embodiment, active content items may be recognized by Multi-PurposeInternet Mail Extensions (MIME) content type and subtype. In oneembodiment, all peer-to-peer platform active contents may have the sametype. In one embodiment, the subtype of an active content may be definedby network service providers and may be used to imply the additionalcore elements belonging to active content documents. In one embodiment,the peer-to-peer platform may give latitude to service providers in thisregard, yielding many service implementation possibilities.

In one embodiment, each item of content may have a unique canonicalname. FIG. 3 illustrates an exemplary canonical content name (which maybe referred to as a content identifier or content ID) according to oneembodiment. The unique identifier may include a peer group universalunique identifier (UUID) 170, and also may include another name 174 thatmay be computed, parsed, and maintained by peer group members. In oneembodiment, the UUID may be a 128-bit field. In one embodiment, the namemay be a byte array. In one embodiment, the particular nameimplementation within a peer group is not mandated by the peer-to-peerplatform. The name may be, for example, a hash code, a URI, a URN, or aname generated by any suitable means of uniquely identifying contentwithin a peer group. In one embodiment, a length of remainder field 172may specify the length of the name field 174 for this content in thisparticular implementation.

In one embodiment, once a content item has been published to thepeer-to-peer network, it may not be assumed that that the content can belater retrieved from the network. The content may be only available frompeers that are not currently reachable or not currently part of thenetwork. In one embodiment, once a content item has been published tothe peer-to-peer network, it may not be assumed that the content can bedeleted. Replication/republication of content by peers on the networkmay be unrestricted and the content may propagate to peers that are notreachable from the publishing peer.

Pipes

Pipes may provide the primary channels for communication among peers andare a mechanism for establishing communication between peers. Pipes maybe used as communication channels for sending and receiving messagesbetween services or applications over peer endpoints. Pipes may connectpeers that have a direct physical link and peers that do not have adirect physical link. In the latter case, one or more intermediary peerendpoints may be used to route messages between the two pipe endpoints.A pipe instance is, logically speaking, a resource within a peer group.The actual implementation of a pipe instance is typically through a pipeservice. In one embodiment, at each endpoint, software to send, orreceive, as well as to manage optional associated pipe message queues isassumed, but not mandated.

In one embodiment, pipes are a mechanism for interacting with serviceson the peer-to-peer network. Rather than assuming a specific namingsystem such as DNS or a specific network addressing system such as IP,the peer-to-peer platform may abstract these concepts via severalmechanisms. Pipes provide a virtual abstraction of the network serviceusing a pipe identifier which is bound to a peer identifier via a pipeadvertisement, which in turn is bound to an endpoint address via a peeradvertisement and an endpoint advertisement. Pipes can thus be movedfrom one peer to another providing flexibility in the way a service isdeployed and consumed. The location of a machine (node) on the networkis abstracted via the concept of the peer which binds to an endpoint.This provides support for dynamic movement of endpoint addresses for aspecific peer.

In one embodiment, pipes are implemented as a service on a peer. In oneembodiment, in order for a peer to send a message to another peer'spipe, both peers must be part of the same peer group. This allows groupsof peers to potentially implement different kinds of pipes, allowing fora flexible approach to communication.

In one embodiment, to connect to a pipe, a peer may send a discoveryrequest for a pipe advertisement containing specific keywords. The peermay then receive the requested pipe advertisement. The peer may thensend a pipe resolver request for a peer matching the pipe identifier andmay then receive the peer advertisement, for example from a pipe servicethat handles the request. The peer may then send data down the pipe, forexample using a URL addressing scheme.

Pipes in the peer-to-peer platform are preferably asynchronous,unidirectional, stateless and unreliable to provide the lowest overhead.Pipes are preferably unidirectional, and thus in one embodiment thereare input pipes and output pipes. Asynchronous pipes may enabledevelopers to build large-scale interconnected distributed services andapplications. Pipes are preferably indiscriminate and may thus supportbinary code, data strings, Java technology-based objects, and/orapplets, among others. The peer-to-peer platform preferably does notdefine how the internals of a pipe work. Any number of unicast andmulticast protocols and algorithms, and combinations thereof, may beused. In one embodiment, one pipe may be chained together with eachsection of the chain using a different transport protocol.

The pipe endpoints may be referred to as input pipes (receiving end) andoutput pipes (sending end). Pipes may provide the illusion of a virtualin and out mailbox that is independent of any single peer location.Services and applications may communicate through pipes without knowingon which physical peer a pipe endpoint is bound. When a message is sentinto a pipe, the message is sent to all peer endpoints currentlyconnected (listening) to the pipe. The set of currently connected pipeendpoints (input pipes) may be obtained using the pipe binding protocol.

Unlike conventional mechanisms, peer-to-peer platform pipes may haveends that may be moved around and bound to different peers at differenttimes, or not connected at all. In one embodiment, pipes may be virtual,in that a pipe's endpoint may be bound to one or more peer endpoints. Inone embodiment, pipe endpoints may be non-localized to a physical peer,and may be dynamically bound at creation time or runtime via the pipebinding protocol. The pipe binding process may include discovering andconnecting the two or more endpoints of a pipe.

Using pipes, developers may build highly available services where pipeconnections may be established independently of a peer location. Thisdynamic binding of pipes helps to provide redundant implementation ofservices over a P2P network. A peer may logically “pick up” a pipe atany point in time. For example, a peer that wants to use a spell checkerservice man connect to a peer group's spell checker pipe that isimplemented as a redundant peer group service. The peer may be servicedas long as there is at least one single instance of a spell checkerservice still running somewhere within the peer group. Thus, using pipesas described herein, a collection of peers together may provide a highlevel of fault tolerance, where a new peer at a different location mayreplace a crashed peer, with the new peer taking over the existing pipeto keep the communication going.

In one embodiment, enhanced pipes with additional properties such asreliability, security, and quality of service may be supported. Inembodiments where the peer-to-peer platform runs on top of transportsthat have such properties, an implementation may optimize and utilizethe transports. For example, when two peers communicate with each otherand both have TCP/IP support, then an implementation may use thebidirectional capabilities of TCP/IP to create bidirectional pipes.Other data transfer methods that may be implemented by pipes as providedat the service layer to provide different quality of service include,but are not limited to: synchronous request-response (the endpoint sendsa message, and receives a correlated answer), streaming (efficientcontrol-flow data transfer) and bulk transfer (bulk reliable datatransfer of binary data).

Pipes may offer several modes of communication. FIG. 4 illustrates apoint-to-point pipe connection between peers 200C and 200D according toone embodiment. In one embodiment, a point-to-point pipe connectsexactly two peer endpoints together, an input pipe 202A that receivesmessages sent from an output pipe 204A. The pipe appears as an outputpipe to the sender and as an input pipe to the receiver, with trafficgoing in one direction only—from the sender to the receiver. In oneembodiment, no reply or acknowledgement operation is supported. In oneembodiment, additional information in the message payload (for example,a unique ID) may be required to thread message sequences. The messagepayload may also contain a pipe advertisement that can be used to open apipe to reply to the sender (send/response).

FIG. 4 also illustrates a propagate pipe with peer 200A as a propagationsource and peers 200B and 200C with listening input pipes according toone embodiment. A propagate pipe may connect two or more peer endpointstogether, from one output pipe 204B to one or more input pipes (e.g.202B and 202C). The result is that any message sent into the output pipeis sent to all input pipes. Messages flow into the input pipes from theoutput pipe (propagation source). A propagate message may be sent to alllistening input pipes. This process may create multiple copies of themessage to be sent. On transports that provide multicast (e.g. TCP/IP),when the propagate scope maps to underlying physical subnets in aone-to-one fashion, transport multicast be may used as an implementationfor propagate. Propagate may be implemented using point-to-pointcommunication on transports that do not provide multicast such as HTTP.

Messages

In one embodiment, the peer-to-peer platform may use asynchronousmessages as a basis for providing Internet-scalable peer-to-peercommunication. The information transmitted using pipes may be packagedas messages. Messages define an envelope to transfer any kinds of data.A message may contain an arbitrary number of named subsections which canhold any form of data. In one embodiment, the messages may be in amarkup language. In one embodiment, the markup language is XML. Eachpeer's messaging layer may deliver an ordered sequence of bytes from thepeer to another peer. The messaging layer may send information as asequence of bytes in one atomic message unit. In one embodiment,messages may be sent between peer endpoints. In one embodiment, anendpoint may be defined as a logical destination (e.g. embodied as aURN) on any networking transport capable of sending and receivingDatagram-style messages. Endpoints are typically mapped into physicaladdresses by the messaging layer at runtime.

In one embodiment, a message may be a Datagram that may include anenvelope and a stack of protocol headers with bodies and an optionaltrailer. The envelope may include, but is not limited to, a header, amessage digest, (optionally) the source endpoint, and the destinationendpoint. In one embodiment, each protocol header may include, but isnot limited to, a tag naming the protocol in use and a body length. Eachprotocol body may be a variable length amount of bytes that is protocoltag dependent. Each protocol body may include, but is not limited to,one or more credentials used to identify the sender to the receiver.Such a message format preferably supports multiple transport standards.An optional trailer may include traces and accounting information.

The messaging layer may use the transport specified by the URN to sendand receive messages. In one embodiment, both reliable connection-basedtransports such as TCP/IP and unreliable connectionless transports likeUDP/IP may be supported. Other existing message transports such as IRDA,and emerging transports like Bluetooth may also be supported using thepeer endpoint addressing scheme. Peer-to-peer platform messages arepreferably useable on top of asynchronous, unreliable, andunidirectional transport. The peer-to-peer platform protocols preferablyuse a low-level message transport layer (e.g. XML) as a basis forproviding Internet-scalable peer-to-peer communication. The peer-to-peerplatform preferably does not assume that the networking transport isIP-based.

The message digest in the envelope may be used to guarantee the dataintegrity of messages. Messages may also be encrypted and signed forconfidentiality and refutability. In one embodiment, each protocol bodymay include one or more credentials used to identify the sender to thereceiver. A credential is a key that, when presented in a message body,may be used to identify a sender and to verify that sender's right tosend the message to the specified endpoint. The credential may be anopaque token that is preferably presented each time a message is sent.In one embodiment, the sending address placed in the message envelopemay be crosschecked with the sender's identity in the credential.Credentials may be stored in the message body on a per-protocol <tag>basis. In one embodiment, the exact format and content of thecredentials are not specified by the peer-to-peer platform. For example,a credential may be a signature that provides proof of message integrityand/or origin. As another example, a message body may be encrypted, withthe credential providing further information on how to decrypt thecontent. In one embodiment, each credential's implementation may bespecified as a plug-in configuration, which preferably allows multipleauthentication configurations to coexist on the same network.

When an unreliable networking transport is used, each message may bedelivered more than once to the same destination or may not arrive atthe destination. Two or more messages may arrive in a different orderthan sent. In one embodiment, high-level communication services layeredupon the core protocols may perform message re-ordering, duplicatemessage removal, and processing acknowledgement messages that indicatesome previously sent message actually arrived at a peer. Regardless oftransport, messages may be unicast (point to point) between two peers ormay be propagated (like a multicast) to a peer group. Preferably, nomulticast support in the underlying transport is required. In oneembodiment, peers receiving a corrupted or compromised message maydiscard the message. Messages may be corrupted or intentionally alteredin transmission on the network.

The peer-to-peer platform preferably does not mandate how messages arepropagated. For example, when a peer sends out a peer discovery message,the peer discovery protocol preferably does not dictate if the messageshould be confined to the local area network only, or if it must bepropagated to every corner of the world.

The peer-to-peer platform messages 252 are preferably defined with theenvelope 250 as illustrated in FIG. 5. In one embodiment, the messagesare defined in a markup language. In one embodiment, the markup languageis XML. The following is an exemplary message in XML:

<?xml version=“1.0” encoding=“UTF-8”?> <SampleMessage><SampleMessageVersion> version number “1.0” </SampleMessageVersion><SampleMessageDest> destination peer id </SampleMessageDest><SampleMessage> source peer id </SampleMessageSrc> <SampleMessageDigest>digest </SampleMessageDigest> <SampleMessageTagName> tag</SampleMessageTagName> <SampleMessageTagData> body</SampleMessageTagData> . . . <SampleMessageTagName> tag</SampleMessageTagName> <SampleMessageTagData> body</SampleMessageTagData> <SampleMessageTrailer> String</SampleMessageTrailer> </SampleMessage>

The version number may be a string. The destination and source peeridentifier may be represented as peer-to-peer platform identifiers. Inone embodiment, the digest is either an MD5 or SHA1 hash or a digitalsignature. The digest may serve as a placeholder for either. A messagemay have as many tag parts as needed. In one embodiment, the tag namemay be a string and the body may be a byte array containing a stringwithout XML escape characters (“<”, “>”)or a base64 encoded string.

In one embodiment, the message format may support binary data and/ormulti-part messages with MIME-types. The message format may allow forarbitrary message header fields, including optional header fields. Themessage format may allow for data verification of message content andthe cryptographic signing of messages. The message format may provide anarbitrary number of named subsections that may contain any form of dataof any (reasonable) size. The message format may be “email-safe” suchthat its contents may be extracted reliably after standard textualtransformations committed my E-mail client and server software.

Services

Peers may cooperate and communicate to publish, discover and invokenetwork services. A service denotes a set of functions that a provideroffers. In one embodiment, a peer-to-peer platform peer can offer aservice by itself or in cooperation with other peers. In one embodiment,a peer may publicize a service by publishing a service advertisement forthe service. Other peers may then discover this service using the peerdiscovery protocol (through the advertisement) and make use of it. Apeer may publish as many services as it can provide.

In one embodiment, services may either be pre-installed into a peer orloaded from the network. The process of finding, downloading andinstalling a service from the network may include performing a search onthe network for the service, retrieving the service, and then installingthe service. Once a service is installed and activated, pipes may beused to communicate with the service. In one embodiment, peer-to-peerplatform-enabled services may publish pipe advertisements as their maininvocation mechanism. The service advertisement may specify one or morepipe advertisements that may be used by a peer to create output pipes toinvoke the service. The service advertisement may also include a list ofpredetermined messages that may be sent by a peer to interact with theservice. The service advertisement may describe all messages that aclient may send or receive.

Several methods may be provided by various embodiments to publish aservice. Services may be published before creating a new peer group byadding the service advertisement to the peer group advertisement.Services may also be published by adding the services in a separate peerservice advertisement. The discovery service may also allow newadvertisements to be added at runtime. The new advertisement will belongto a predefined peer group. Other methods of publishing services may beprovided. Note that service advertisements may be placed in the peergroup advertisement of any group. Since all peers belong to the globalpeer group, a peer may publish the service in the global peer groupadvertisement to make it available to any peer.

In one embodiment, services advertised in a peer group advertisement areinstantiated for a peer when the peer joins the group. In oneembodiment, all the services are instantiated. In another embodiment,none, one or more of the advertised services may be instantiated whenthe peer joins the peer group. Service advertisements in the peer groupadvertisement may include resolver, discovery, membership, peerinformation and pipe service advertisements. In one embodiment, servicesadvertised in a peer group advertisement are loaded on the peer when thepeer boots. In one embodiment, this automated loading is not mandatorybut is part of the Java Binding. One embodiment may provide a mechanismto force a service in a peer group advertisement to be instantiated by apeer.

In one embodiment, when a peer boots, any services advertised in thepeer advertisement are loaded. The peer advertisement corresponds to theplatform advertisement. These services may include the minimal set ofservices to bootstrap the creation of new peers: discovery service,membership service, resolver service, peer information service and pipeservice.

In one embodiment, when a peer switches from one peer group to another,the first group's services remain active. In one embodiment, a peer maycall a stop method on the service application interface to stop aninstance of a local service. A peer that is a member of one peer groupthat refers to a service may join a second peer group that also refersto the service while still a member of the first. Whether the service isinstantiated once or twice may depend on the service implementation.Some service implementations may use a static instantiation that is doneonce. In this case, all groups share the same instance. Other serviceimplementations are local to a peer group and are not aware of the stateof any other peer groups on the same node.

In one embodiment, services may use a “time to live” indicator thatdefines when the service was created, and would also define the lifetimeof the service. After its lifetime has expired, the stale service may bepurged.

A service may be well defined and widely available so that a peer canuse it directly. Other services may require special code in order toactually access the service. For example, the way to interface with theservice provider may be encoded in a piece of software. In this case, itis preferable if a peer can locate an implementation that is suitablefor the peer's specific runtime environment. In one embodiment, ifmultiple implementations of the same service are available, then peershosted on Java runtimes can use Java programming languageimplementations while native peers to use native code implementations.In one embodiment, service implementations may be pre-installed into apeer node or loaded from the network. In one embodiment, once a serviceis installed and activated, pipes may be used to communicate with theservice.

In one embodiment, each service may have a unique identifier. In oneembodiment, a service may have a name that may include a canonical namestring that may indicate the type and/or purpose of the service. Aservice may also provide optional information (e.g. a set of descriptivekeywords) that further describes the service. The unique identifier,name and optional information may be stored within a serviceadvertisement. The advertisement may also include other informationneeded to configure and instantiate a service.

In one embodiment, the peer-to-peer platform may recognize two levels ofservices, peer services and peer group services. A service that executesonly on a single peer may be referred to as a peer service. A peerservice is accessible only on the peer that is publishing the service.If that peer happens to fail, then service also fails. This level ofservice reliability may be acceptable for an embedded device, forexample, providing a calendar and email client to a single user.Multiple instances of the service may be run on different peers, buteach instance publishes its own advertisement. A service that iscomposed of a collection of cooperating instances (potentiallycooperating with each other) of the service running on multiple peers ina peer group may be referred to as a peer group service. A peer groupservice may employ fault tolerance algorithms to provide the service ata higher level of availability than that a peer service can offer. Ifany one peer fails, the collective peer group service may not beaffected, because the service may still be available from at least oneother peer member. Peer group services may be published as part of thepeer group advertisement.

In one embodiment, the peer-to-peer platform may include a set ofdefault peer group services such as peer discovery, as well as a set ofconfigurable services such as routing. In one embodiment, a peer-to-peerplatform peer may not be required to have one or all of these services.For example, a cell phone peer may be pre-configured with enoughinformation to contact a fixed server provided by the telecom operator.This may be enough to bootstrap the cell phone peer without requiring itto independently carry with it additional services.

In one embodiment, although the concept of a service is orthogonal tothat of a peer and a peer group, a peer group formed using thepeer-to-peer platform may require a minimum set of services needed tosupport the operation of the group. Some services may be well known andmay be referred to as peer-to-peer platform core services.

Embodiments of the peer-to-peer platform may define a set of core peergroup services that may be used to form and support peer groups. In oneembodiment, the core peer group services may provide the minimumservices required to form a peer group (e.g. membership and discoveryservices). The peer-to-peer platform core services are preferably 100%decentralized and thus may enable pure peer-to-peer network computing.In one embodiment, it is not required that all core services beimplemented by every peer group.

In one embodiment, the peer-to-peer platform may define peer group coreservices including, but not limited to, a discovery service, amembership service, an access service, a pipe service, a resolverservice and a monitoring service. A discovery service may be used tosearch for peer group resources such as peers, peer groups, and pipes.The search criteria may include a resource name. Discovery and discoveryservices are described more fully later in this document.

In one embodiment, most peer groups will have at least a membershipservice. Current peer group members may use the membership serviceduring the login process to reject or accept a new peer group membershipapplication. The membership service may be a “null” authenticatorservice that imposes no real membership policy. Peers wishing to join apeer group first locate a current member, and then request to join. Theapplication to join may be either rejected or accepted by the collectiveset of current members. The membership service may enforce a vote ofpeers or alternatively elect a designated group representative to acceptor reject new membership applications.

An access service may be used to validate, distribute, and authenticatea group member's credentials. The access service may define the type ofcredential used in the message-based protocols used within the peergroup. The access service may be used to validate requests made by onepeer to another. The peer receiving the request provides the requestingpeer's credentials and information about the request being made to theaccess service to determine if the access is permitted. In oneembodiment, not all actions within the peer group need to be checkedwith the access service, only those actions which only some peers arepermitted to use.

A pipe service may be used to establish and manage pipe connectionsbetween the different peer group members. A resolver service may be usedto send query string to peers to find information about a peer, a peergroup, a service or a pipe. A monitoring service is used to allow onepeer to monitor other members of the same peer group.

In on embodiment, not all the above services are required to beimplemented by a peer group. Each service may implement one or more ofthe peer-to-peer platform protocols. A service preferably implements oneprotocol for simplicity and modularity reasons, but some services maynot implement any protocols.

Other services may be user-defined and provide application dependentservices such as content searching and indexing. A user-defined servicemay provide additional APIs. User-defined services may be implementedthat may offer the ability to mix-in centralization as a means ofincreasing performance. In one embodiment, the peer-to-peer platformcore services may provide a reference implementation for user-definedservices. Examples of user defined services may include, but are notlimited to:

-   -   Efficient long-distance peer lookup and rendezvous using a peer        naming and discovery service.    -   Simple, low-cost information search and indexing using a content        sharing service.    -   Interoperability with existing centralized networking        infrastructure and security authorities in corporate, public,        private, or university networks using administration services.    -   A resolver service may be implemented to find active (running on        some peer) and inactive (not yet running) service instances.    -   An FTP service that allows file transfers among peers over pipes        using FTP.        Advertisements

In one embodiment, the peer-to-peer protocols may use advertisements todescribe and publish the existence of peer resources. An advertisementmay be defined as a structured, language neutral metadata structure thatnames, describes, and publishes the existence of a peer-to-peer platformresource, such as a peer, a peer group, a pipe, or a service.

In one embodiment, advertisements may be used in the peer-to-peerplatform as language-neutral metadata structures. In one embodiment,each software platform binding may describe how advertisements areconverted to and from native data structures such as Java objects or ‘C’structures. Each protocol specification may describe one or more requestand response message pairs. In one embodiment, advertisements may be themost common document exchanged in messages.

Information exchanged between peers may include advertisement documents.The peer-to-peer platform preferably includes advertisement documents torepresent all of the peer-to-peer platform resources managed by the coreplatform, such as peers, peer groups, pipes and services. In oneembodiment, the peer-to-peer platform may define a set of coreadvertisements. The peer-to-peer platform may define core advertisementtypes including, but not limited to, one or more of peer advertisements,peer group advertisements, pipe advertisements, service advertisements,content advertisements, and endpoint advertisements. In one embodiment,user-defined advertisement subtypes (for example, using XML schemas) maybe formed from these basic types. Subtypes of the core advertisementsmay be used to add an unlimited amount of extra, richer metadata to apeer-to-peer network. The peer-to-peer platform protocols,configurations and core software services however, preferably operateonly on the core advertisements.

In one embodiment, an advertisement is a markup language structureddocument that names, describes, and publishes the existence of apeer-to-peer platform resource. In one embodiment, peer-to-peer platformadvertisements may be represented in the Extensible Markup Language(XML) and are therefore software platform neutral. XML provides apowerful means of representing data and metadata throughout adistributed system. XML provides universal (software-platform neutral)data because XML is language agnostic, self-describing, strongly-typedand ensures correct syntax. XML advertisements may be strongly typed andvalidated using XML schemas. XML also allows advertisements to betranslated into other encodings such as HTML and WML. This featureallows peers that do not support XML to access advertised resources. Inone embodiment, each document may be converted to and from a platformspecific representation such as a Java object. In one embodiment, peerssupporting the various protocols requiring that advertisements beexchanged in messages may accept only valid XML documents that descendfrom the base XML advertisement types.

Advertisements represented in a markup language such as XML, like anymarkup language document, may be composed of a series of hierarchicallyarranged elements. Each element may include its data and/or additionalelements. An element may also have attributes. Attributes are name-valuestring pairs. An attribute may be used to store metadata, which may beused to describe the data within the element.

In one embodiment, a peer advertisement may be used to describe a peer.A peer advertisement may describe the peer resources. One use of a peeradvertisement is to hold specific information about the peer, such asits name, peer identifier, registered services and available endpoints.FIG. 6 illustrates the content of a peer advertisement according to oneembodiment. The following is an example of one embodiment of a peeradvertisement in XML, and is not intended to be limiting:

<?xml version=“1.0” encoding=“UTF-8”?> <PeerAdvertisement> <Name> nameof the peer</Name> <Keywords>search keywords </Keywords> <Pid> Peeridentifier </Pid> <Services> <Service advertisement> . . . </Serviceadvertisement> </Services> <Endpoints> <endpoint advertisement> . . .</endpoint advertisement> </Endpoint> <InitialApp> <Serviceadvertisement> . . . </Service advertisement> </InitialApp></PeerAdvertisement>

Embodiments of a peer advertisement may include, but are not limited to,the following fields:

-   -   Name: an optional string that can be associated with a peer. In        one embodiment, the name is not required to be unique unless the        name is obtained from a centralized naming service that        guarantees name uniqueness.    -   Keywords: an optional string that may be used to index and        search for a peer. In one embodiment, the string is not        guarantee to be unique. Two peers may have the same keywords.        The keywords string may contain spaces.    -   Peer identifier: uniquely identifies the peer. In one        embodiment, this may be a required element. Each peer has a        unique identifier.    -   Service: a service advertisement element for each service        published on the peer.    -   Services started on a peer may publish themselves to the peer.        In one embodiment, not all services running on the peer need to        publish themselves.    -   Endpoint: an endpoint URI (e.g. tcp://129.144.36.190:9701 or        http://129.144.36.190:9702) for each endpoint available on the        peer.    -   InitialApp: Optional application/service started when the peer        is booted. A service advertisement is used to describe the        service.

In one embodiment, a peer group advertisement may be used to describe,for a peer group, the group specific information (name, peer groupidentifier, etc.), the membership process, and the available peer groupservices. The peer group advertisement defines the core set of servicesto be used by that peer group. In one embodiment, it may not enforcethat each peer must run each service locally. Rather it defines the setof services that are made available to the peer group.

In one embodiment, the initial creator of the peer group may define whatadvertisements go into the peer group advertisement at creation time.Other peers may get a copy of the peer group advertisement when theydiscover advertisements via the discovery service. In one embodiment,peer group advertisements are immutable objects and new services may notbe added due to java binding. Other embodiments may allow new servicesto be added. In one embodiment, a peer group may provide a registrationservice that allows the dynamic registration of services.

FIG. 7 illustrates the content of a peer group advertisement accordingto one embodiment. The following is an example of one embodiment of apeer group advertisement in XML, and is not intended to be limiting:

<?xml version=“1.0” encoding=“UTF-8”?> <PeerGroupAdvertisement> <Name>name of the peer group </Name> <Keywords> search keywords </Keywords><Gid> Peer group Id </Gid <Services> <Service advertisement> . . .</Service advertisement> </Services> <InitialApp> <Serviceadvertisement> . . . </Service advertisement> </InitialApp></PeerGroupAdvertisement>

Embodiments of a peer group advertisement may include, but are notlimited to, the following fields:

-   -   Name: an optional name that may be associated with a peer group.        In one embodiment, the name is not required to be unique unless        the name is obtained from a centralized naming service that        guarantee name uniqueness.    -   Keywords: an optional string that may be used to index and        search for a peer group. In one embodiment, the string is not        guarantee to be unique. Two peer groups may have the same        keywords.    -   Peer group Id: uniquely identifies the peer group. In one        embodiment, this is a required element. Each peer group has a        unique id.    -   Service: a service advertisement element for each peer group        service available in the peer group. In one embodiment, not all        peer group services need to be instantiated when a peer joins a        peer group. In one embodiment, at least a membership service        should be available, so the membership service may implement a        null authenticator membership.    -   InitialApp: optional application/service started when a peer is        joining a peer group. A service advertisement may be used to        describe the service. The initial application may be started        when a peer is joining a group. Alternatively, it may be left to        the joining peer to decide to either start or not start the peer        group initial application.

Once a peer joins a group, that peer may receive (depending again uponmembership configuration) a full membership-level peer groupadvertisement. The full membership advertisement, for example, mightinclude the configuration (required of all members) to vote for newmember approval.

In one embodiment, a pipe advertisement may be used to describe aninstance of a pipe communication channel. A pipe advertisement may beused by a pipe service to create associated input and output pipeendpoints. In one embodiment, a pipe advertisement document may bepublished and obtained either by using a discovery service (e.g. thecore discovery service) or by embedding it within other advertisementssuch as the peer or peer group advertisement. Each pipe advertisementmay include an optional symbolic name that names the pipe and a pipetype to indicate the type of the pipe (point-to-point, propagate,secure, etc). FIG. 8 illustrates the content of a pipe advertisementaccording to one embodiment. The following is an example of oneembodiment of a pipe advertisement in XML, and is not intended to belimiting:

<?xml version=“1.0” encoding=“UTF-8”?> <PipeAdvertisement> <Name> nameof the pipe</Name> <Id> Pipe Id </Id> <Type> Pipe Type </Type></PipeAdvertisement>

Embodiments of a pipe advertisement may include, but are not limited to,the following fields:

-   -   Name: an optional name that may be associated with a pipe. In        one embodiment, the name is not required to be unique unless the        name is obtained from a centralized naming service that        guarantee name uniqueness.    -   Pipe identifier: uniquely identifies the pipe. In one        embodiment, this is a required element. Each pipe has a unique        id.    -   Type: This is an optional pipe type that may be provided to        specify the quality of services implemented by the pipe. Pipe        types may include, but are not limited to:        -   RELIABLE (guaranteed delivery and ordering, and deliver only            once)        -   UNRELIABLE (may not arrive at the destination, may be            delivered more than once to the same destination, may arrive            in different order)        -   SECURE (reliable and encrypted transfer)

In one embodiment, a service advertisement may be used to describe apeer-to-peer platform-enabled service. Service advertisements preferablydescribe how to activate and/or use the service. In one embodiment, apeer-to-peer platform-enabled service is a service that uses pipes asprimary invocation mechanism. To invoke the service, a peer may amessage to the associated service pipe. In one embodiment, the core peergroup services that each peer group preferably implements in order torespond to the messages described for the peer-to-peer platformprotocols are peer-to-peer platform-enabled services and thus may bepublished using service advertisements. The service advertisementdocument may be published and obtained using the peer informationprotocol for peer services, or alternatively using the peer groupdiscovery protocol for peer group services.

In one embodiment, a pipe advertisement and access method fields mayprovide a placeholder for any kind of service invocation schema thatdefines the valid set of XML messages accepted by the service and theassociated message flow. Thus, the peer-to-peer platform protocols maybe agnostic of service invocation and interoperate with any existingframework. A service advertisement access method field may refer to aWSDL (e.g. www.w3.org/TR/wsdl), ebXML (e.g. www.ebxml.org), UPnP (e.g.www.upnp.org) or a client-proxy schema, among others. For example, aWSDL access method may define messages that are abstract descriptions ofthe data being exchanged and the collections of operations supported bythe service using a WSDL schema. In one embodiment, a serviceadvertisement may include multiple access method tags, as there may bemultiple ways to invoke a service. Thus, the peer may ultimately decidewhich invocation mechanism to use. For example, small devices may wantto use a small-footprint mechanism or a service framework they alreadyhave the code for, and larger devices may decide to download aclient-proxy code.

In one embodiment, the access method for services is a schema of validXML messages accepted by the service. In one embodiment, a serviceadvertisement may contain a URL or URI tag to point to a jar file, DLL,or loadable library. A peer may use this to download the code to run theservice, for example if the peer joins the peer group and doesn't havethe required code to run the service.

In one embodiment, once a service advertisement is sent out into theworld there is no method of pulling it back in. However, each individualpeer may have the ability to purge the set of cached advertisements thatreside locally, and a rendezvous peer may purge its cache periodically(e.g. daily).

FIG. 9 illustrates the content of a service advertisement according toone embodiment. The following is an example of one embodiment of aservice advertisement in XML, and is not intended to be limiting:

<?xml version=“1.0” encoding=“UTF-8”?> <ServiceAdvertisement> <Name>name of the Service</Name> <Version> Version Id </Version> <Keywords>search keywords <Keywords> <Id> Service identifier </Id> <Pipe> Pipeendpoint to access the service </Pipe> <Params> service configurationparameters </Params> <URI> service provider location</URI> <Provider>Service Provider</Provider> <AccessMethods> . . . </AcessMethods></ServiceAdvertisement>

Embodiments of a service advertisement may include, but are not limitedto, the following fields:

-   -   Name: an optional name that may be associated with a service. In        one embodiment, the name is not required to be unique unless the        name is obtained from a centralized naming service that        guarantees name uniqueness.    -   Keywords: an optional string that may be used to index and        search for a service. In one embodiment, the string is not        guaranteed to be unique. Two services may have the same        keywords.    -   Service Id: uniquely identifies a service. In one embodiment,        each service has a unique id. In one embodiment, this element        may be required.    -   Version: specifies the service version number. In one        embodiment, this element may be required.    -   Provider: gives information about the provider of the service.        This will typically be a vendor name. In one embodiment, this        element may be required.    -   Pipe: an optional element that specifies a pipe advertisement to        be used to create an output pipe to connect to the service. In        one embodiment, services are not required to use pipes.    -   Params: a list of configuration parameters available to the peer        when invoking the service. In one embodiment, the parameter        field is optional. Parameters may be defined as a list of        strings.    -   URI: This is an optional parameter that may be used to specify        the location of where the code for the service may be found.    -   Access Methods: In one embodiment, at least one access method is        required to specify how to invoke the service. Multiple access        method tags may be used when multiple access methods are        available. The access method tag allows any kind of service        invocation representation to be specified. For example the        access method may be a placeholder for a WSDL or uPnP document        that describes a web service access method.

In one embodiment, a content advertisement may be used to describe acontent document stored somewhere in a peer group. In one embodiment,there are no restrictions on the type of contents that can berepresented. A content may be a file, a byte array, code or processstate, for example. In one embodiment, each item of content may have aunique identifier also known as its canonical name. The uniqueidentifier may include a peer group universal unique identifier (UUID),and also may include another name that may be computed, parsed, andmaintained by peer group members. In one embodiment, the content's nameimplementation within the peer group is not mandated by the peer-to-peerplatform. The name may be a hash code, a URI, or a name generated by anysuitable means of uniquely identifying content within a peer group. Theentire canonical content name may be referred to as a content identifieror content ID. FIG. 3 illustrates an exemplary content identifieraccording to one embodiment.

FIG. 10 illustrates a content advertisement according to one embodiment.A size element is preferably provided for all content items and givesthe total size of the content. In one embodiment, the size is in bytes.In one embodiment, the size is a long (unsigned 64-bits). A contentadvertisement may also include a MIME (Multi-Purpose Internet MailExtensions) type that describes the MIME type (encoding may be deducedfrom the type) of the in-line or referenced data. A contentadvertisement may also include a RefID element. If the advertisedcontent is another advertisement (based upon its type), the RefID is thecontent ID of the referenced content. If the advertised content is notanother advertisement, the RefID element may be omitted.

The following is an example of one embodiment of a content advertisementin XML, and is not intended to be limiting:

<?xml version=“1.0” encoding=“UTF-8”?> <ContentAdvertisement> <Mimetype>name of the pipe</Mimetype> <Size> Pipe Id </Size> <Encoding> Pipe Type</Encoding> <ID> Content ID</ID> <RefID> Content ID </RefID> <Document>document </Document> </ContentAdvertisement>

Embodiments of a content advertisement may include, but are not limitedto, the following fields:

-   -   ID: in one embodiment, all contents have a unique id.    -   Size: the total size of the content. In one embodiment, a long        (unsigned 64-bits) represented as a string. “−1” indicates that        the size is unknown.    -   Mimetype: the mime type of the content. The type may be unknown.    -   Encoding: specifies the encoding used.    -   RefID: if the advertised content is about another content, the        RefID specifies the content ID of the referenced content.

In one embodiment, an endpoint advertisement may be used to describepeer transport protocols. In one embodiment, a peer may support one ormore transport protocols. In one embodiment, peers may have multiplenetwork interfaces. Typically, there will be one peer endpoint for eachconfigured network interface and/or protocol (e.g. TCP/IP, HTTP). Anendpoint advertisement may be included as a tag field in a peeradvertisement to describe the endpoints available on the peer. In oneembodiment, an endpoint advertisement document may be published andobtained either by using the core discovery service or by embedding itwithin other advertisements such as the peer advertisement. Eachendpoint advertisement may include transport binding information abouteach network interface or transport protocol. Endpoints may berepresented with a virtual endpoint address that may include allnecessary information to create a physical communication channel on thespecific endpoint transport. For example, “tcp://123.124.20.20:1002” or“http://134.125.23.10:6002” are strings representing endpoint addresses.FIG. 11 illustrates the content of an endpoint advertisement accordingto one embodiment. The following is an example of one embodiment of anendpoint advertisement in XML, and is not intended to be limiting:

<?xml version=“1.0” encoding=“UTF-8”?> <EndpointAdvertisement> <Name>name of the endpoint</Name> <Keywords> search string </Keywords><Address> endpoint logical address </Address> </EndpointAdvertisement>

Embodiments of an endpoint advertisement may include, but are notlimited to, the following fields:

-   -   Name: an optional name that may be associated with an endpoint.        In one embodiment, the name is not required to be unique unless        the name is obtained from a centralized naming service that        guarantee name uniqueness.    -   Keywords: an optional string that may be used to index and        search for an endpoint. In one embodiment, the string is not        guarantee to be unique. Two endpoints may have the same        keywords.        Peer-to-peer Platform Protocols

The peer-to-peer platform protocols may be used to provide and supportad hoc, pervasive, and multi-hop peer-to-peer (P2P) network computing.Using the protocols, peers can cooperate to form self-organized andself-configured peer groups independently of their positions in thenetwork (e.g. edges, firewalls), and without the need of a centralizedmanagement infrastructure. The peer-to-peer platform protocols may havevery low overhead, make few assumptions about the underlying networktransport and limited requirements of the peer environment, and may beused to deploy a wide variety of P2P applications and services in ahighly unreliable and changing network environment.

In one embodiment, the peer-to-peer platform may include core protocolsincluding, but not limited to, a peer membership protocol, a peerdiscovery protocol, a peer resolver protocol, a peer informationprotocol, a pipe binding protocol, and a peer endpoint protocol. Theseprotocols may be implemented using a common messaging layer. Thismessaging layer binds the protocols to various network transports. Inone embodiment, the peer-to-peer platform protocols may be specified asa set of markup language (e.g. XML) messages exchanged between peers.Each software platform binding describes how a message is converted toand from a native data structures such as a Java object or ‘C’structure. In one embodiment, the use of markup language messages todefine protocols allows many different kinds of peers to participate ina protocol. Each peer is free to implement the protocol in a manner bestsuited to its abilities and role. Peer-to-peer platform messages aredescribed previously in this document.

In one embodiment, each of the protocols is independent of the others.Preferably, a peer is not required to implement all of the networkingprotocols. A peer preferably needs to implement only the protocol thatit requires. For example, a device may have all the advertisements ituses pre-stored in memory, so that peer does not need to implement thePeer Discovery Protocol. As another example, a peer may use apre-configured set of peer routers to route all its messages, hence thepeer does not need to implement the Peer Endpoint protocol. Instead, thepeer sends messages to the routers to be forwarded. As yet anotherexample, a peer may not need to obtain or wish to provide statusinformation to other peers, hence the peer does not to implement thepeer information protocol. The same can be said about all of the otherprotocols. In one embodiment, a peer may implement only a portion(client-side or server-side only, for example) of a protocol.

Peers may use the peer-to-peer platform protocols to advertise theirresources and to discover network resources (services, pipes, etc.)available from other peers. Peers may form and join peer groups tocreate special relationships. The peer-to-peer platform protocols mayallow peers to communicate without needing to understand or manage thepotentially complex and dynamic network topologies that are becomingcommon. Peers may cooperate to route messages allowing for full peerconnectivity. The peer-to-peer platform protocols allow peers todynamically route messages across multiple network hops to anydestination in the network (potentially traversing firewalls). Eachmessage may include either a complete or a partial ordered list ofgateway peers through which the message might be routed. If routeinformation is incorrect, an intermediate peer may assist in dynamicallyfinding a new route. A peer-to-peer platform protocol message that isrouted through multiple hops is preferably not assumed to be reliablydelivered, even if only reliable transports such as TCP/IP are usedthrough all hops. A congested peer may drop messages at any time ratherthan routing them.

The peer-to-peer platform protocols may be implemented on a variety ofnetworks including, but not limited to, the Internet, corporateintranets, dynamic proximity networks, home networking environments,LANs and WANs. The peer-to-peer platform protocols may allow thepeer-to-peer platform to be easily implemented on unidirectional linksand asymmetric transports. In particular, many forms of wirelessnetworking do not provide equal capability for devices to send andreceive. The peer-to-peer platform permits any unidirectional link to beused when necessary, improving overall performance and networkconnectivity in the system. Thus, the peer-to-peer platform protocolsmay be easy to implement on any transport. Implementations on reliableand bidirectional transports such as TCP/IP or HTTP may provideefficient bidirectional communications. Even on bidirectionaltransports, communication ability between any pair of peers may at timesnot work equally well in both directions. That is, communicationsbetween two peers will in many cases be able to operate bidirectionally,but at times the connection between two peers may be onlyunidirectional, allowing one peer to successfully send messages to theother while no communication is possible in the reverse direction. Thepeer-to-peer platform unidirectional and asymmetric transport also playswell in multi-hop network environments where the message latency may bedifficult to predict. Furthermore, peers in a P2P network tend to havenondeterministic behaviors and thus may appear or leave the network veryfrequently.

In one embodiment, the peer-to-peer platform protocols do not require abroadcast or multicast capability of the underlying network transport.Messages intended for receipt by multiple peers (propagation) may beimplemented using point-to-point communications. The peer-to-peerplatform protocols preferably do not require periodic messages of anykind at any level to be sent within the network, and thus preferably donot require periodic polling, link status sensing, or neighbor detectionmessages, and may not rely on these functions from any underlyingnetwork transport in the network. This entirely on-demand behavior ofthe protocols and lack of periodic activity may allow the number ofoverhead messages generated by the peer-to-peer platform to scale allthe way down to near or at zero, when all peers are stationary withrespect to each other and all routes needed for current communicationhave already been discovered.

In one embodiment, the peer-to-peer platform protocols are defined asidempotent protocol exchanges. The same messages may be sent/receivedmore than once during the course of a protocol exchange. Preferably, noprotocol states are required to be maintained at both ends. Due to theunpredictability of P2P networks, assumptions may not be made about thetime required for a message to reach a destination peer, and thus thepeer-to-peer platform protocols preferably do not impose any timingrequirements for message receipt.

The peer-to-peer platform protocols may take advantage of additionaloptimizations, such as the easy ability to reverse a source route toobtain a route back to the origin of the original route.

FIG. 12 illustrates protocols and bindings in a peer-to-peer platformaccording to one embodiment. When the peer-to-peer platform protocolsare implemented using a particular programming language and over aparticular transport protocol, the implementation is an instance of apeer-to-peer platform binding 220, where the peer-to-peer platformprotocols are bound to the language and the transport layer. In oneembodiment, protocol and peer software implementation issues may bedefined in documents specific to the binding. A binding documentdescribes how the protocols are bound to an underlying network transport(such as TCP/IP or UDP/IP) or to a software platform such as Java 222 ora native software platform 224 such as UNIX.

The following describes the transport binding of the peer-to-peerplatform protocols over TCP/IP including the message wire format ofpeer-to-peer platform endpoint messages over a TCP/IP socket connectionaccording to one embodiment. Each TCP/IP message may include a headerand a body. In one embodiment, the format of the header is:

Type Source IP address Source Port Size Option Unused

The type may include information used to either unicast or multicast therequest. The type may indicate whether this is a propagate message, aunicast message, an ACK or a NACK. The port may allow each peer todecide to bind its transport service to a specific port number. The TCPbinding preferably does not require that a specific port be used. Thesize may indicate the body size (not including the header). The optionmay be used to specify the kind of socket connections (uni- orbi-directional) in use. The TCP/IP binding does not require themaintenance of any states. The normal operation is for one peer to senda TCP/IP packet to another one, and to close the socket after the packetis sent. This is the minimum functionality required to implementunidirectional pipes. In one embodiment, if the receiving end decides tokeep the connection active (socket “keep alive”), it may return anindicator to the sender to tell the sending end that it is keeping theconnection alive. The sending end may reuse the same socket to send anew packet.

The following describes the transport binding of the peer-to-peerplatform protocols over HTTP including the wire message format for theHTTP binding of the peer-to-peer platform protocols. An HTTP requestformat message may include a header and a body using an HTML format. Forexample:

<HTML> <Code> Header </Code> <Msg> Body </Msg> </HTML>

The header allows the receiving end to determine which message type isreceived. Message types may include request succeeded, request failed,empty (no body) and response (the body is not empty and contains data).The body may be represented as a string in the HTML request document.Connection states that may be used include, but are not limited to:

-   -   Peer Connection: Before a message can be sent to a HTTP server        peer, the HTTP client may be required to send a request for        connection to the other peer. The request for connection message        may use the empty header type. The message may be sent using a        GET request to the following server URL:        http://ip-name:port/reg/client-peerid/. ip-name specifies the IP        of the server peer and the port is the corresponding server port        number (8080 for example). The server replies with an empty        message containing either a request succeeded or request failed        header type. The peer connection message may be used to create a        client session on the receiving peer. The receiving peer may        decide to reject the connection and refuse the client        connection. This corresponds to a client registration.    -   Message Sending: To send a message to another peer server, the        client sends a message of the response type with a message body        part. The server replies with an ok or failed message. The        message is sent to the following URL using the PUT method:        http://ip-name:port/snd/. The server replies with a message        including a request succeeded or request failed header type.    -   Message Retrieving: To retrieve messages from a peer server, the        client may send a GET request message with the empty header tag        to the following URL: http://ipname:port/rec/client-peerid/. The        server replies with may respond with a message failed message or        with a Content message including the messages retrieved.        Peer Discovery Protocol

In one embodiment, the peer-to-peer platform may include a peerdiscovery protocol that may allow a peer to find advertisements on otherpeers. The peer discovery protocol may be used to discover any publishedpeer resources including other peers, peer groups, pipes, services andany other resource that has an advertisement in the peer-to-peernetwork. This protocol may be used to find members of any kind of peergroup, presumably to request membership. In one embodiment, the peerdiscovery protocol is the default discovery protocol for all peergroups, including the world peer group. The discovery protocol may beused as a default discovery protocol that allows all peer-to-peerplatform peers to understand each other at a very basic level.

The peer discovery protocol may provide, at the lowest level, theminimum building blocks for propagating discovery requests betweenpeers. Thus, the peer discovery protocol may provide the essentialdiscovery infrastructure for building high-level discovery services. Inmany situations, discovery information is better known by a high-levelservice, because the service may have a better knowledge of the topology(firewall traversal), and the connectivity between peers. The peerdiscovery protocol may provide a basic mechanism to discoveradvertisements while providing hooks so high-level services andapplications can participate in the discovery process. Services may beable to give hints to improve discovery (i.e. decide whichadvertisements are the most valuable to cache).

In one embodiment, the peer discovery protocol may be based on webcrawling and the use of rendezvous peers. Rendezvous peers are peersthat offer to cache advertisements to help others peers discoverresources, and propagate requests they cannot answer to other knownrendezvous peers. Rendezvous peers and their use in the discoveryprocess are discussed later in this document.

In one embodiment, custom discovery services may choose to leverage thepeer discovery protocol. If a peer group does not have its own discoveryservice, the peer discovery protocol is preferably used as the methodfor probing peers for advertisements. Rendezvous peers may keep a listof known peers and peer groups. This list may or may not be exhaustiveor timely. A custom discovery service (if it knew that the region'srendezvous did keep a timely exhaustive list), for example, may discoverall peers in the region by sending a single message to the rendezvouspeer.

In one embodiment, peer discovery may be done with, or alternativelywithout, specifying a name for the peer to be located and/or the groupto which peers belong. When no name is specified, all discoveredadvertisements of the requested type may be returned. If a probing peerprovides the name of the peer to be located, a simple translation may berequested that returns that peer's advertisement. Once a peer isdiscovered, ping, status, and capability messages may be sent to its“main” endpoint(s) using a peer information protocol. Peers may exportmore than one endpoint. Preferably, each peer designates at least oneprimary endpoint to handle the low-level housekeeping protocols such asthe peer discovery protocol and the peer information protocol.

In one embodiment, the peer discovery protocol may be used to probenetwork peer groups looking for peers that belong to specified peergroups. This process may be referred to as screening. Peers may bescreened for membership by presenting each candidate member with a peergroup name (string matched with the peer group advertisement canonicalname). Preferably, peers claiming to belong to this group may respond,while other peers do not respond. The peer discovery protocol may beused to discover any type of core advertisement including, but notlimited to: peer advertisements, peer group advertisements, pipeadvertisements and service advertisements.

Peer groups need customizable and adaptable discovery policies. In oneembodiment, the peer-to-peer platform may be policy-agnostic, and mayonly provide the basics for discovery. The basics may include one ormore core discovery protocols including, but not limited to, a propagateprotocol (broadcast within a scope range (subnet or peer groupmembers)), a rendezvous protocol (unicast to a trusted discovery peer)and an invite protocol (reverse discovering).

A discovery policy may be implemented in a discovery service based onthe core discovery protocol. In one embodiment, a discovery service inthe core peer-to-peer platform may be used to discover abstractionsand/or entities in the peer-to-peer network including, but not limitedto, peers, peer groups, peer group policies (group defined services) andpipe endpoints.

In some embodiments of a peer-to-peer platform, the discovery servicemay rely on trusted peers (discovery proxies). The discovery service mayleverage local neighbors (local propagate). The discovery service mayuse rendezvous peers (indexes). The discovery service may leave tracesin discovery proxies (cache). The discovery service may use net crawlingas a last resort (propagate between trusted discovery proxies). In oneembodiment, a discovery service may not discover some entities in thepeer-to-peer network including, but not limited to, content (largescale; in one embodiment, a content management service may be used forcontent discovery), metadata (maintain relationship between data),users, and applications.

Embodiments of a peer-to-peer platform discovery service may leveragesurrounding peers and peer groups, provide meetings points for far awaypeers and groups, use an asynchronous protocol and provide reversediscovery. The discovery service preferably may be used to find newneighbor peers and provide the ability for a peer to learn about otherpeer's abilities. Embodiments of a discovery service in the peer-to-peerplatform may provide extensibility, spontaneous configuration, adaptiveconnectivity, a dynamic (i.e. no fixed) network topology, and theability to reach the “edge of the Internet” (firewall, and NAT).

Embodiments of a discovery method in the peer-to-peer platformpreferably do not require centralized naming (e.g. no DNS). A discoveryservice preferably may provide predefined meeting points that may beused in platform bootstrapping. The discovery service preferably maysupport a dynamic environment (peers may come and go). The discoveryservice preferably may support an unreliable environment (peers mayfail). The discovery service preferably may help to adapt to a changingenvironment through viral behavior. The discovery service preferably maybe used to improve performance as a system ages (increase locality). Thediscovery service preferably may be used in support of security (changeof physical location). The discovery service preferably may be used thatprovides administrationless discovery (zero-admin).

Embodiments of the peer-to-peer platform discovery service may allow apeer to learn about other peers that discover it. In one embodiment, thepeer-to-peer platform discovery service may provide application-managedrendezvous. In one embodiment of the peer-to-peer platform, a peerdiscovery protocol may support a discovery query message and a discoveryresponse message to be used in the peer discovery process.

Peer groups need customizable and adaptable discovery policies. Oneapproach to implementing a discovery policy is to start simple and buildmore complex policies. Embodiments of the peer-to-peer platformdiscovery service may support discovery methods including, but notlimited to:

-   -   Propagate Discovery        -   Unicast to predefined rendezvous        -   Leverage transport dependent multicast (e.g. IP)    -   Unicast Discovery        -   Unicast to known rendezvous for forward propagation        -   May be used for reverse Discovery

The peer-to-peer platform preferably does not mandate exactly howdiscovery is done. Discovery may be completely decentralized, completelycentralized, or a hybrid of the two. Embodiments of the peer-to-peerplatform may support discovery mechanisms including, but not limited to:

-   -   LAN-based discovery. This is done via a local broadcast over the        subset.    -   Discovery through invitation. If a peer receives an invitation        (either in-band or out-of-band), the peer information contained        in the invitation may be used to discover a (perhaps remote)        peer.    -   Cascaded discovery. If a peer discovers a second peer, the first        peer may, with the permission of the second peer, view the        horizon of the second peer to discover new peers, groups, and        services.    -   Discovery via rendezvous points. A rendezvous point is a special        peer that keeps information about the peers it knows about. A        peer that can communicate via a rendezvous peer, for example via        a peer-to-peer protocol pipe, may learn of the existence of        other peers. Rendezvous points may be helpful to an isolated        peer by quickly seeding it with lots of information. In one        embodiment, a web site or its equivalent may provide information        of well-known peer-to-peer protocol rendezvous points.

In one embodiment, a peer-to-peer platform web of trust may be used. Ina web of trust, a peer group creator may select initial discoveryproxies, and may delegate to new peer members. Any peer, when trusted,can become a discovery proxy. Discovery proxies may propagate requestsbetween each other for net-crawling discovery. New peers may beuntrusted or low-trust peers, and may be typically difficult to find andhave limited discovery range (this may help protect against misbehaviorsand denial of service attacks). Trusted members are easier to discover.Peers may increase their discovery range as they become more trusted(discovery credential). Some peers may not need to discover beyond theirinitial net peer group range.

In one embodiment, a peer may go through a proximity network, which alsomay be referred to as a subnet or region, to try to find (discover)surrounding peers. The Internet includes the concept of subnets that arephysically defined by physical routers that define regions in whichcomputer systems are connected to one another. Within one of theseregions, the peer-to-peer protocol uses multicast or other propagatemechanism to find peers. In one embodiment, a propagate discoverymechanism may be provided where one peer can propagate a discoveryrequest through a local subnet. Peers that are in the subnet may respondto the discovery request. The propagate discovery mechanism may provideprimarily close range discovery. In one embodiment, only peers that arein the same physical subnet (region) may respond. “Propagate” is at theconceptual level. Multicast is implemented by TCP/IP to providepropagate capabilities. Other transports may use other methods toimplement propagate. For example, Bluetooth provides a differentimplementation of propagate which is not multicast.

The core discovery protocol may provide a format for a local peer tosend a propagate message (a request to find information about otherpeers or peer groups in its local region or subnet) and also a formatfor a response message. A propagate may ask who's there (what peers arein the subnet). One or more peers may decide to respond. Other peers onthe subnet may choose not to respond if they don't want to be discoveredby the requesting peer. The response message may indicate that a peer isthere and that the requesting peer may communicate with it if it wantsmore information. In one embodiment, the core peer-to-peer platform maydefine the format of the discovery requests and responses as part of thepeer discovery protocol. In one embodiment, the messages may be XMLmessages.

One embodiment of a peer-to-peer platform may provide a bootstrappingprocess for peers. In one embodiment, a new peer may not know any peersor peer groups when bootstrapped. When bootstrapping, the peer may issuea peer discovery propagate message. The new peer is looking for one ormore peers in the subnet. The new peer needs to reach some level ofconnectivity in order to support higher-level operations. Fromdiscovered peers, the new peer may acquire information needed to allowthe new peer to go further in its bootstrapping process. For example,the new peer may send messages to another peer requesting information onservices that the other peer may be aware of that the new peer needs forbootstrapping.

When the new peer discovers another peer or peers, it may attempt todiscover peer groups. This process may be similar to the peer discoveryprocess described above. The new peer may send (e.g. propagate) anotherdiscovery message that is configured to discover peer groups. Peers inthe proximity network (region) that are aware of a peer group or peergroups may respond to the peer group discovery message, and may returninformation on the peer group(s) (e.g. peer group advertisements) ofwhich they are aware. The new peer may use this information to determinea peer group or peer groups that it may be interested in joining.

In one embodiment, a peer group may be configured so that only a subsetof peers within a group may have the capabilities to respond to peergroup discovery messages and to provide information about the peer groupto inquiring peers.

Peer and peer group discovery may both be implemented by the peerdiscovery protocol. Peer and peer group discover are more or less at thesame level in the P2P platform. In one embodiment, peer discovery mayuse a message that indicates the discovery is looking for peers, andpeer group discovery may use a similar message that indicates thediscovery is looking for peer groups.

In one embodiment, the peer discovery protocol may be required to beimplemented in a peer platform, and thus all peers will have the servicerunning. When one peer sends (e.g. propagates) a request, then areceiving peer must send a response, unless it is configured to notrespond to at least some requests from at least some peers based uponconfiguration parameters. In another embodiment, peers may beimplemented without the peer discovery protocol. In other words, in thisembodiment, peers are not required to implement the peer discoveryplatform. For example, on some smart devices, peer information and/orpeer group information may be preconfigured into the device, and sobootstrapping may be performed on these devices without having toinitiate a peer discovery.

Embodiments of the peer-to-peer platform may implement a discoverymechanism that is more suited for long-range discovery than thepropagate method described above. In one embodiment, rendezvous peersmay be used in discovery. A rendezvous peer may be described as ameeting point where peers and/or peer groups may register to bediscovered, and may also discover other peers and/or peer groups, andretrieve information on discovered peers and/or peer groups. In oneembodiment, a peer (any peer) in a peer group may decide to become ormay be appointed or elected as a rendezvous peer in the group. Therendezvous peer may be advertised as a meeting point, and may bepredefined on peers so that, for example, the peers, when starting up,may know to go to the rendezvous peer to find information about thepeer-to-peer network. Rendezvous peers may act as information brokers orcentralized discovery points so that peers can find information in aneasy and efficient manner. As a peer group grows, a peer may become arendezvous peer in the group. In one embodiment, a network of rendezvouspeers may be constructed that may help to provide long-range discoverycapabilities. A rendezvous peer may be aware of at least some of theother rendezvous peers in the network, and a discovery message from apeer may be forwarded from a first rendezvous peer to a second, and soon, to discover peers and/or peer groups that are “distant” on thenetwork from the requesting peer.

Rendezvous peers may offer to cache advertisements to help others peersdiscover resources, and may propagate (forward) requests they cannotanswer to other known rendezvous peers. Preferably, a rendezvous peerimplements at least one of these two functions. The services provided bya rendezvous peer may be different than message routing. Message routingis performed at a lower level involving multi-hops connections to send amessage between any peers in the network. In one embodiment, theforwarding of a request between two rendezvous peers may involve routingto propagate a request between two rendezvous, but this is transparentto the rendezvous service and done underneath.

In one embodiment, rendezvous peers may forward requests between eachother. A rendezvous may be typically connected to a few other rendezvouspeers. There may be as many rendezvous peers as peers in a peer group.Not every peer may be a rendezvous (e.g. if a peer has no cachingcapabilities or is isolated behind a firewall). In one embodiment, onlyrendezvous peers may forward a discovery request to another rendezvouspeer. This restriction may serve to limit and control the exponentialgrowth of request propagations within the network. Rendezvous peers maythus provide a simple throttle mechanism to control the propagation ofrequests. In one embodiment, sophisticated rendezvous peers may bedeployed to filter and distribute requests for the best usage of networkresources.

In one embodiment, a peer may be pre-configured with a pre-defined setof rendezvous peers. These bootstrapping rendezvous may help the peerdiscover enough network resources (peers, rendezvous, services) as itneeds to support itself. In one embodiment, the pre-configuredrendezvous are optional. A peer may be able to bootstrap itself byfinding rendezvous or enough network resources in its proximityenvironment. If a peer does not know the information, it may ask thesurrounding peers (hop of 1) if they know the answer. One or more peersmay already have the answer. If no surrounding peers know the answer,the peer may ask its rendezvous peers to find advertisements. Peers arerecognized as rendezvous peers in their peer advertisements. When a peerdiscovers a new peer, it can determine if this peer is a rendezvous. Apeer may not be required to use all the rendezvous peers that it hasdiscovered.

Rendezvous peers may forward requests between themselves. The discoveryprocess continues until one rendezvous peer has the answer or therequest dies. There is typically a Time To Live (TTL) associated withthe request, so it is not infinitely propagated. As an example, supposea peer A is attempting to discover a resource R on the network. Peer Aissues a discovery request specifying the type (peer, peer group, pipe,service) of advertisements it is looking for. To initiate the Discovery,peer A sends a discovery request message as a single propagate packet toall its available endpoints. The packet may contain the requested peeradvertisement, so the receiving peer can respond to the requester. Eachdiscovery request identifies the initiator, and a unique requestidentification specified by the initiator of the request. When anotherpeer receives the discovery request (assume peer B in this example), ifit has the requested R advertisement, it will return to peer A theadvertisement for R in a discovery response message. If Peer A does notget response from its surrounding peers (hop of 1), Peer A may send therequest to its known rendezvous peers. If the rendezvous peers do nothave the advertisement, they can propagate the request to all otherrendezvous peers they know. When a rendezvous receives a respond to arequest, the rendezvous may cache the R advertisement for future usage,before sending it to the requester.

In one embodiment, the peer rendezvous capabilities may be embedded inthe core discovery protocol of the peer-to-peer platform. Rendezvouspeers may be protocol-based, and may broker more information than nameservers that typically only broker names of entities. In one embodiment,a rendezvous peer may maintain indexes for entities in the peer-to-peerplatform including peers, peer groups, and advertisements. Indexes maybe dynamic indexes which may grow as the peer group community grows andmore peers join. As a group joins, some peers may decide to becomerendezvous peers to help peers connect with other peers in the group.

The rendezvous peer is at the peer level. A rendezvous peer is not a“service”. A rendezvous peer may be used as part of an infrastructure toconstruct services such as a DNS or other centralizing and indexservices. In one embodiment, services may interact with a rendezvouspeer to obtain and/or manipulate information stored on the rendezvouspeer to perform some task to make the system act more efficiently.

In a network of peers, some peers may elect themselves, through thediscovery protocol, to become rendezvous peers. A rendezvous peer mayact as a broker or discovery message router to route discovery messagesto the right place. In other words, a rendezvous may act to routediscovery requests to the right rendezvous peers. For example, arendezvous peer may receive a message requesting information about peersthat are interested in baseball. The rendezvous peer may know of anotherrendezvous peer that specializes in information about baseball. Thefirst rendezvous peer may forward or route the message to the secondrendezvous peer. In one embodiment, rendezvous peers may maintainconnections to other rendezvous peers in order to provide discovery androuting functionality.

Rendezvous peers may support long-range discovery. For example, a firstpeer is at a remote location from a second peer. For one of these peersto find the other with a mechanism such as web crawling may be timeconsuming, since there maybe a lot of “hops” between the two peers.Rendezvous peers may provide a shortcut for one of the peers to discoverthe other. The rendezvous peer, thus, may serve to make the discoveryprocess, in particular long-range discover, more efficient.

A peer-to-peer network may be dynamic. Peers and peer groups can comeand go. Dynamic identifiers (addresses) may be used. Thus, routesbetween peers need to be dynamic. Rendezvous peers may provide a methodfor route discovery between peers that allows routing in thepeer-to-peer network to be dynamic. In this method, the rendezvous peersmay perform route discovery for peers when the peers send discoverymessages to the rendezvous peers or when a peer is attempting to connectto another peer or peer group that is not in the local region of thepeer. This method may be transparent to the requesting peer.

In one embodiment, the rendezvous peers may be able to cacheadvertisements. An advertisement may be defined as metadata ordescriptions of a resource. An advertisement may include informationnecessary for an entity to connect to or use the resource, for example aservice advertisement may include information for connecting to andusing the service. Advertisements may be published to allow otherentities to discover them. The rendezvous peer may provide the abilityfor services and applications to store and cache temporary, e.g. via alease mechanism, advertisements. This may used, for example, when oneservice needs to connect to another service, and needs the pipe endpointor communication channel that may be used to connect to the service. Thepipe endpoint may be included in a service advertisement published on arendezvous peer. Thus, in one embodiment, the rendezvous peer providesthe ability for peers, peer groups, services and applications toadvertise pipe endpoints and to discover pipe endpoints of services andapplications.

In one embodiment, the rendezvous protocol may use an index cache (e.g.on a peer serving as a rendezvous proxy). FIG. 13 illustrates discoverythrough a rendezvous peer according to one embodiment. Rendezvous proxy206 may cache peer 200 and peer group 210 information for peer groups210A and 210B. Peers 200 in each peer group 210 may then discover eachother through rendezvous proxy 206. Rendezvous proxy 206 may itself be apeer and may be a member in one or more peer groups 210. In oneembodiment, access to rendezvous proxies 206 may be restricted to peerswith rendezvous access privileges. In this embodiment, non-trusted peers(peers without access privileges) may access rendezvous proxies 206through trusted peers 200 within their peer group 210, or alternativelythrough other local peers in other peer groups. In one embodiment, therendezvous protocol may be used across subnets (configurable at the peergroup level). In one embodiment, the rendezvous protocol may be usedacross/through firewalls (e.g. gateways).

In one embodiment, the peer-to-peer platform may include a propagatepolicy for use in discovery. FIG. 14 illustrates discovery throughpropagate proxies according to one embodiment. In one embodiment,discovery proxy 208 may control propagation of discovery messages. InFIG. 14, discovery proxy 208 may receive discovery messages from peers200 in peer group 210A and propagate the messages to peers in othergroups such as peer group 210B. In one embodiment, access to discoveryproxies 208 may be restricted to peers with discovery proxy accessprivileges. In this embodiment, non-trusted peers (peers without accessprivileges) may access discovery proxies through trusted peers 200within their peer group 210, or alternatively through other local peersin other peer groups. In one embodiment, propagation may be controlledusing TTL (time to live). In another embodiment, propagation may becontrolled using message counts. In one embodiment, the propagate policymay be used for subnet TCP/multicast (platform configurable). In oneembodiment, the propagate policy may support HTTP gateways (platformconfigurable). In one embodiment, the propagate policy may be usedthrough firewalls (e.g. need peer activation behind firewalls).

In one embodiment, the peer-to-peer platform may include an invitepolicy. In one embodiment, the invite policy may support the adding ofnew peers and peer groups (e.g. publish advertisements).

In one embodiment, the peer-to-peer platform may allow the persistentlocal peer caching of discovery information. In this embodiment, a peermay be allowed to cache advertisements discovered via the peer discoveryprotocol for later usage. Caching may not be required by thepeer-to-peer platform, but caching may be a useful optimization. Thecaching of advertisements by a peer may help avoid performing a newdiscovery each time the peer is accessing a network resource. In ahighly transient environment, performing the discovery may be necessary.In a static environment, caching may be more efficient.

In one embodiment, the peer-to-peer platform may support trusteddiscovery peers. In one embodiment, the peer-to-peer platform may usediscovery credentials. In one embodiment, the peer-to-peer platform mayallow credential delegation. In one embodiment, the peer-to-peerplatform may support propagate proxies. In one embodiment, a propagateproxy may support TTL/message counts. TTL stands for Time To Live (howlong the request lives in the system). In one embodiment, a propagateproxy may support net crawling. In one embodiment, a propagate proxy mayprovide “smart above” routing.

In one embodiment, a peer preferably does not initiate a new discoveryrequest until the minimum allowable interval between discoveries isreached. This limitation on the maximum rate of discoveries may besimilar to the mechanism required by Internet nodes to limit the rate atwhich ARP requests are sent for any single target IP address. Themaximum rate may be defined by each specific implementation transportbindings and exported to the application.

FIG. 15 illustrates using messages to discover advertisements accordingto one embodiment. A message or messages may be used to get all known,reachable advertisements within a region on the network. This list ispreferably not guaranteed to be exhaustive, and may be empty. Namedpeers may also be located using the peer discovery protocol. A messagemay include a peer group credential of the probing (requesting) peerthat may identify the probing peer to the message recipient. Thedestination address may be any peer within a region (a propagate message230) or alternatively a rendezvous peer (a unicast message 232). Theresponse message 234 may return one or more advertisements (e.g. peeradvertisements and/or peer group advertisements) that may include “main”endpoint addresses which may be converted to a string in the standardpeer endpoint format (e.g. URI or URL) and also may include a networktransport name. It is preferably not guaranteed that a response to aquery request will be made. Preferably, the peer discovery protocol doesnot require a reliable transport. Multiple discovery query requests maybe sent. None, one or multiple responses may be received.

In one embodiment, a discovery query message may be used to send adiscovery request to find advertisements (e.g. for peers or peergroups). The discovery query may be sent as a query string (attribute,value) form. A null query string may be sent to match any results. Athreshold value may be included to indicate the maximum number ofmatches requested by a peer. The following is an example of oneembodiment of a discovery query message in XML, and is not intended tobe limiting:

<?xml version=“1.0” encoding“=UTF-8”?> <DiscoveryQuery> <Credential>Credential </Credential> <QueryId> query id</QueryId> <Type> requesttype (e.g. PEER, GROUP, PIPE, SERVICE, CONTENT) </Type> <Threshold>requested number of responses </Threshold> <PeerAdv> peer advertisementof requestor </PeerAdv> <Attr> attribute </Attr> <Value> value </Value></DiscoveryQuery>

Embodiments of a discovery query message may include, but are notlimited to, the following fields:

-   -   Credential: The credential of the sender    -   QueryId: Query identifier    -   Type: specifies which advertisements are returned    -   Threshold: requested number of responses    -   PeerAdv: peer advertisement of requestor    -   Attr: specifies the query attribute    -   Value: specifies the query value

In one embodiment, the value tag is only present if the Attr tag fieldis present. Both the Attr and Value tag may be omitted.

In one embodiment, a discovery response message may be used to send adiscovery response message to answer a discovery query message. Thefollowing is an example of one embodiment of a discovery responsemessage in XML, and is not intended to be limiting:

<?xml version=“1.0” encoding=“UTF-8”?> <DiscoveryResponse> <Credential>Credential </Credential> <QueryId> query id</QueryId> <Type> requesttype (e.g. PEER, GROUP, PIPE, SERVICE, CONTENT) </Type> <Attr> Attribute</Attr> <Value> value </Value> <Responses> (peer, peer group, pipe,service or content advertisement response) </Responses> <. . .><Responses> (peer, peer group, pipe, service or content advertisementresponse) <Responses> </DiscoveryResponse>

Embodiments of a discovery response message may include, but are notlimited to, the following fields:

-   -   Credential: The credential of the sender    -   QueryId: Query identifier    -   Type: specifies which advertisements are returned    -   Attr: specifies the query attribute    -   Value: specifies the query value    -   Responses: advertisement responses. The advertisement may be a        peer, peer group, pipe, content or service advertisement.

In one embodiment, the value tag is only present if the Attr tag fieldis present. Both the Attr and Value tag may be omitted.

In one embodiment, if an XML advertisement document is embedded intoanother XML document, the XML document separators must be dealt with.This may be done using the standard XML escaping rules. For example, ‘<’becomes ‘&lt;’ ‘>’ becomes ‘&gt;’ and ‘&’ becomes ‘&amp’.

Reverse Discovery

Reverse discovery means that, in a peer-to-peer network, when a firstentity (e.g. a peer) discovers a second entity (e.g. another peer), thesecond entity may also discover the first entity from the discoveryinitiated by the first entity. This may also be referred to as “mutualdiscovery”. In most traditional systems, discovery is typicallyone-directional. In the peer-to-peer world, reverse discovery isimportant because, by definition, all “peers” are equal (i.e. it istypically not a hierarchical system). In one embodiment, there may bedifferent levels of discovery for peers. For example, a peer may beconfigured to remain anonymous when discovering other peers or to alwayssupport reverse discovery. In one embodiment, a peer initiating adiscovery may also be configured to deny discovery to another peer ifthe other peer is configured or chooses to remain anonymous. In oneembodiment, a peer may also be configured to or may choose to denydiscovery by other peers that wish to remain anonymous.

Invitations

One embodiment of the discovery protocol may also provide methods bywhich a peer can “advertise” itself, for example when joining apeer-to-peer network. For example, a peer may send an email message, bytelephone, by “traditional” mail, or by other methods to other peers itdiscovers or is preconfigured to know about to advertise its presenceand willingness to be contacted by other peers. This is done outside ofthe discovery method, and may be performed by any external medium. Apeer who receives an invitation from a peer may have a capability to addor enter the new peer to a list or database of peers that it knowsabout. When the peer later restarts, these peers may be among thepreconfigured peers that the peer knows about. In one embodiment, a peermay have a “notify” or “invitation” interface to allow a user toinitiate invitations. In one embodiment, the peer-to-peer platform mayprovide import and export capabilities for invitations. In oneembodiment, the invitations may be implemented as documents external tothe peer-to-peer system that may be exported from one peer and importedinto another peer. In one embodiment, the invitations may be in a formatthat enables the exporting and importing. In one embodiment, theinvitations may be in XML format. In one embodiment, an interface may beprovided to allow the manual entering of invitation information.Importing the invitation may create a peer-to-peer platform documentthat may then be used by the peer. The format of exported documents maydepend on the platform on which the peer is implemented.

Peer Resolver Protocol

In one embodiment, the peer-to-peer platform may include a peer resolverprotocol that may allow a peer node to send query messages topeer-to-peer platform resources and to receive response messages inresponse to the query messages. Resources may include, but are notlimited to, services, content, and/or applications. In one embodiment,peer nodes that provide access to data repositories and/or that offersearch capabilities may implement this protocol, for example. Eachresource may register a handler with a resolver service to process peerresolver protocol query requests, in one embodiment. The resolverservice may examine the query message and determine a particularimplementation of the resource specified by the query message to receiveand process the query. Resource implementations may respond to resolverquery messages via peer resolver protocol response messages. A resourcemay not be limited to responding with status information, in oneembodiment. For example, responses may include, but are not limited to,information requested by the query, the result of a command issued bythe query and carried out by the resource, and/or advertisements.

In on embodiment, the peer discovery protocol and the peer resolverprotocol may have different purposes. The peer discovery protocol may beused to search for advertisements to bootstrap a peer and to discovernew network resources, for example. The peer resolver protocol may beimplemented by a service that services queries in accordance with thepeer resolver protocol. The peer resolver protocol may be used by aservice on a peer to interact with a service on another peer, forexample. The peer resolver protocol may provide a generic message formatwith which both services are familiar, even if the services typicallyare accessed with service-specific protocols. Thus the peer resolverprotocol may provide a generic communication mechanism between peerservices or resources.

In one embodiment, resources participating in the peer-to-peerenvironment may use the peer resolver protocol to communicate with eachother. For example, a resource may have access to another resource'sadvertisement. The advertisement may include information on how tocommunicate with the other resource. The resource may use the peerresolver protocol to communicate with the other resource, and theresource may not communicate with a resolver service.

In one embodiment, the peer resolver protocol may enable each peer tosend and receive queries to find or search for peer, peer group, pipe orservice specific information such as the state of a service or the stateof a pipe endpoint. Preferably, each resolver query has a uniqueresource handler name identifying a resource handler associated with theresolver service to specify the receiving resource, and a query stringto be resolved by the resource. The peer resolver protocol may ensurethat messages are sent to correct addresses and peer groups. The peerresolver protocol may perform authentication and verification ofcredentials (which may be included in resolver queries) and the droppingof messages that may not satisfy the authentication and/or thecredential verification. In some embodiments, there may be no guaranteethat a response to a resolver query request will be made. In someembodiments, a peer is not required to respond to a resolver queryrequest. In some embodiments, a reliable transport is not required bythe peer resolver protocol. In some embodiments, multiple resolver querymessages may be sent. None, one or multiple responses may be received.

In one embodiment, propagating a query to the next set of peers may bedelegated to the peer rendezvous protocol. The rendezvous service may beresponsible for determining the set of peers that may receive a messagebeing propagated, but may not re-propagate an incoming propagatedmessage. The decision of propagating a message one step further may beleft to the service handling the message. The peer rendezvous protocol'spolicy may be that if the query handler does not instruct the peerrendezvous protocol to discard the query, and if the local peer is arendezvous, then the query is re-propagated (within the limits of loopand time-to-live rules that may be enforced by the rendezvous service).In addition, if instructed by the query handler, an identical query maybe issued with the local peer as the originator.

FIG. 16 illustrates one embodiment of using peer resolver protocolmessages between a requesting peer 200A and a responding peer 200B. Inone embodiment, a resolver query message 236 may be used to send(unicast) a resolver query request to a service on another member 200Bof a peer group. In one embodiment, the resolver query may be sent as aquery string to a specific service handler. Preferably, each query has aunique identifier. The query string may be any string that may beinterpreted by the targeted service handler. A resolver response message238 may be sent (unicast) to the requesting peer 200A by the servicehandler.

In one embodiment, a resolver service may be implemented on a peer nodeon a network. Resources may register one or more resource handlers withthe resolver service. The resolver service may receive query messagesthat include resource handler names. The resolver service may determineto which resource implementation a particular query message should besent given the query message's resource handler name. The resourceimplementation's resource handler may generate a response message inresponse to the query message and may send the response message to thesender of the query message. In one embodiment, the resource handler maysend the response message to the resolver service. The resolver servicemay then forward the response message to the sender of the querymessage. The following is an example of one embodiment of a resolverquery message in XML, and is not intended to be limiting:

<?xml version=“1.0” encoding=“UTF-8”?> <ResolverQuery> <Credential>Credential </Credential> <HandlerName> name of handler </HandlerName><QueryId> incremental query Id </QueryId> <Query> query string </Query></ResolverQuery>

Embodiments of a resolver query message may include, but are not limitedto, the following fields:

-   -   Credential: The credential of the sender    -   QueryId: Query identifier    -   HandlerName: name of a handler of a resource    -   Query: query string

A resolver response message may be returned in response to a resolverquery message. The following is an example of one embodiment of aresolver response message in XML, and is not intended to be limiting:

<?xml version=“1.0” encoding=“UTF-8”?> <ResolverResponse> <Credential>Credential </Credential> <HandlerName> name of handler </HandlerName><QueryId> query Id </QueryId> <Response> response </Response></ResolverResponse>

Embodiments of a resolver response message may include, but are notlimited to, the following fields:

-   -   Credential: The credential of the sender    -   QueryId: Query Id (long as a String)    -   HandlerName: name of the handler of a resource that processed        the query    -   Response: response String

FIG. 29 illustrates a peer node querying a resource through a resolverservice using the peer resolver protocol according to one embodiment.Resources may include, but are not limited to, services, content, and/orapplications. Peer node 200 may send a query message, formatted inaccordance with the peer resolver protocol, for a resource to resolver800. Resolver 800 may be a peer node implementing a resolver service.The query message may include a credential for peer node 200, a queryidentifier, and a query. In one embodiment, the query may be a stringand may comprise any string that may be interpreted by the targetedresource handler. One or more peer nodes on the network may hostparticular resource instances 802A, 802B, and 802C.

Resolver 800 may determine which resource instance is to receive thequery message. The determination of which of resource instance 802A,802B, and 802C is to receive the query may be made using one or more ofa variety of criteria to determine an optimal resource instance toreceive the query using the particular criteria. For example, theresolver service may base the determination on the number of hops on thenetwork between resource instances 802A, 802B, and 802C and peer node200. As another example, the resolver may base the determination on thecurrent processing loads of each peer node implementing the resource. Asanother example, the resolver may base the determination on the physicalproximity of resource instances 802A, 802B, and 802C and peer node 200.

In this example, resolver 800 may determine that resource instance 802Bis to receive the query. Resolver 800 may then forward the query messageto resource instance 802B as specified in the query message. Resourceinstance 802B may parse the query included in the query message andgenerate a response to the query. Resource instance 802F may then send aresponse message including the response to resolver 800. Resolver 800may cache the response message and cache the query message to improveefficiency and/or reliability of the querying process. In oneembodiment, the response message may include the credential of the peernode hosting resource instance 802B, the query identifier, the handlername, and the response that includes the requested information. Theresponse may be in the form of a string.

FIG. 30 illustrates a peer node querying a resource through a resolverservice using the peer resolver protocol according to one embodiment.Resources may include, but are not limited to, services, content, and/orapplications. A resource may register resource handlers 804A, 804B, and804C with a resolver service. Resource handlers 804A, 804B, and 804C mayrespond to incoming queries by parsing the query and generating aresponse message. Peer node 200 may send query message 236, formatted inaccordance with the peer resolver protocol, for a resource to resolver800. Resolver 800 may be a peer node implementing a resolver service.Query message 236 may include a credential for peer node 200, a queryidentifier, a query, and a handler name that may identify a resourcehandler. In one embodiment, the query may be a string and may compriseany string that may be interpreted by the targeted resource handler. Oneor more peer nodes on the network may host particular resource instances802D, 802E, and 802F. Resource instances 802D, 802E, and 802F mayimplement resource handlers 804A, 804B, and 804C.

Resolver 800 may receive query message 236. Resolver 800 may determinewhich resource instance is to receive query message 236. Thedetermination of which of resource instance 802D, 802E, and 802F is toreceive the query may be made using one or more of a variety of criteriato determine an optimal resource instance to receive the query using theparticular criteria. For example, the resolver service may base thedetermination on the number of hops on the network between resourceinstances 802D, 802E, and 802F and peer node 200. As another example,the resolver may base the determination on the current processing loadsof each peer node implementing the resource. As another example, theresolver service may base the determination on the physical proximity ofresource instances 802D, 802E, and 802F and peer node 200.

In this example, resolver 800 may determine that resource instance 802Fis to receive the query. Resolver 800 may then forward query message 236to resource handler 804C on resource instance 802F as specified in querymessage 236. Resource handler 804C may parse the query included in thequery message and generate a response to the query. Resource handler804C may then send response message 238 including the response toresolver 800. Alternatively, resource handler 804C may send responsemessage 238 to peer node 200. Alternatively, resource instance 802F mayreceive query message 236, generate response message 238, and send theresponse message to resolver 800 or peer node 200. Resolver 800 mayreceive response message 238 and forward it to peer node 200. Resolver800 may cache response message 238 and may cache query message 236 toimprove efficiency and/or reliability of the querying process. In oneembodiment, response message 238 may include the credential of the peernode hosting resource instance 802F, the query identifier, the handlername, and the response that includes the requested information. Theresponse may be in the form of a string.

FIG. 31 is a flowchart illustrating a method for a peer node querying aresource through a resolver service using the peer resolver protocolaccording to one embodiment. A resource may register one or moreresource handlers with a resolver. The resource handlers may respond toincoming queries by parsing the query and generating a response message.A peer node may send a query message, formatted in accordance with thepeer resolver protocol, for a resource to a resolver as indicated at900. The resolver may be a peer node implementing a resolver service.The query message may include a credential for the querying peer node, aquery identifier, a query, and a handler name that may identify aresource handler. In one embodiment, the query may be a string and maycomprise any string that may be interpreted by the targeted resourcehandler. One or more peer nodes on the network may host instances of theresource. The resource instances may implement one or more resourcehandlers.

The resolver may receive the query message as indicated at 902. Theresolver may determine which of the resource instances is to receive thequery message as indicated at 904. The determination may be made usingone or more of a variety of criteria to determine an optimal resourceinstance to receive the query using the particular criteria. Forexample, the resolver may base the determination on the number of hopson the network between the resource instances and peer node 200. Asanother example, the resolver service may base the determination on thecurrent processing loads of each peer node implementing the resource.

The resolver may then forward query message to the resource handlerindicated in the query message on a determined resource instance asindicated at 906. The resource handler may parse the query included inthe query message and generate a response to the query. The resourcehandler on the determined resource instance may then send a responsemessage including the response to the resolver as indicated at 908.Alternatively, the resource handler may send the response message to thequerying peer node. Alternatively, the resource instance may not use theresource handler; the resource instance may receive the query message,generate a response message, and send the response message to resolveror the peer node. The resolver may receive the response message andforward it to the querying peer node. The resolver may cache theresponse message and may cache the query message to improve efficiencyand/or reliability of the querying process. In one embodiment, theresponse message may include the credential of the peer node hosting theresource instance, the query identifier, the handler name, and theresponse that includes the information requested by the query.

FIG. 32 is a flowchart illustrating a method for a device to participatein a peer-to-peer environment and use the peer resolver protocolaccording to one embodiment. A device on a network may use abootstrapping device mechanism to participate as a peer node in apeer-to-peer environment on the network as indicated at 912. The peernode may use the bootstrapping mechanism to access a peer discoveryservice to discovery resource in the peer-to-peer environment. The peernode may discovery a rendezvous node as indicated at 914. Alternatively,the peer node may be pre-configured to access the rendezvous node. Thepeer node may communicate with the rendezvous node in accordance withthe peer discovery protocol to discovery resource advertisements asindicated at 916. The peer node may desire access to a resource and maydesire information on the current status of the resource, for example.Thus, the peer node may send queries for an advertised resource inaccordance with a peer resolver protocol as indicated at 918.

Note that the methods described in FIGS. 31 and 32 are exemplary and notintended to be limiting. The methods may be implemented in software,hardware, or a combination thereof. The order of methods may be changed,and various elements may be added, reordered, combined, omitted,modified, etc.

Peer Information Protocol

Once a peer is located, its capabilities and status may be of interest.In one embodiment, the peer-to-peer platform may include a peerinformation protocol that may allow a peer to learn about other peers'capabilities and status. For example, a peer can send a ping message tosee if another peer is alive. A peer may also query another peer'sproperties where each property has a name and a value string.Preferably, a peer is not required to respond to a peer informationprotocol request.

FIG. 17 illustrates one embodiment of using peer information protocolmessages between a requesting peer 200A and a responding peer 200B. Inone embodiment, to see if peer 200B is alive (i.e. responding tomessages), peer 200A may be sent a ping message 240. The ping message240 may include a destination address that is peer 200B's “main”endpoint returned during discovery, for example. The message may alsoinclude a group membership credential of the requesting peer 200A thatmay identify the probing peer 200A to the message recipient 200B. Themessage may also contain an identifier unique to the sender. Thisidentifier is preferably returned in the response message 242. Responsemessage 242 may include information about peer 200B, includinginformation on the status of the peer 200B. If peer 200B responds with amessage 242, this may indicate to peer 200A that peer 200B is “alive”and thus currently responding to messages.

In one embodiment, messages may be used to get a list of named control“properties” exported by a peer. A property is a “knob” used to getinformation or configuration parameters from the peer. All propertiesare preferably named (by a string), and are preferably “read-only”. Inone embodiment, higher-level services may offer “read-write” capabilityto the same information, given proper security credentials. Eachproperty preferably has a name and a value string. Read-write widgetsmay allow the string value to be changed, while read-only widgets donot. In one embodiment, the peer information protocol only gives readaccess. The destination address is a peer's main endpoint that may havebeen returned in a discovery response message.

Preferably, a reliable transport is not required by the peer informationprotocol. In one embodiment, multiple peer information messages may besent. None, one or multiple responses may be received.

In one embodiment, a ping message may be sent to a peer to check if thepeer is alive and/or to get information about the peer. The ping optionmay define the response type returned. In one embodiment, a fullresponse (peer advertisement) or a simple acknowledge response (aliveand uptime) may be returned. The following is an example of oneembodiment of a ping message in XML, and is not intended to be limiting:

<?xml version=“1.0” encoding=”UTF-8“?> <Ping> <Credential> Credential</Credential> <SourcePid> Source Peer Id </SourcePid> <TargetPid> TargetPeer Id </TargetPid> <Option> type of ping requested</Option> </Ping>

In one embodiment, a peer information response message may be used tosend a response message in response to a ping message. The following isan example of one embodiment of a peer information response message inXML, and is not intended to be limiting:

<?xml version=“1.0” encoding=“UTF-8”?> <PeerInfo> <Credential>Credential </Credential> <SourcePid> Source Peer Id </SourcePid><TargetPid> Target Peer Id </TargetPid> <Uptime> uptime</Uptime><TimeStamp> timestamp </TimeStamp> <PeerAdv> Peer Advertisement</PeerAdv> </PeerInfo>Peer Membership Protocol

In one embodiment, the peer-to-peer platform may include a peermembership protocol that may allow a peer to join or leave peer groups,and to manage membership configurations, rights and responsibilities.This protocol may allow a peer to obtain group membership requirements(such as an understanding of the necessary credential for a successfulapplication to join the group), to apply for membership and receive amembership credential along with a full group advertisement, to updatean existing membership or application credential, and to cancel amembership or an application credential. In one embodiment,authenticators and/or security credentials may be used to provide thedesired level of protection.

In one embodiment, the process of joining a peer group may includeobtaining a credential that is used to become a group member. In oneembodiment, the process of joining a peer group may include obtaining a“form” listing the set of requirements asked of all group members. Inone embodiment, this form may be a structured document (e.g. a peergroup advertisement) that lists the peer group membership service.

In one embodiment, the peer membership protocol may define messagesincluding, but not limited to, an apply message, a join message, anacknowledgement (ACK) message, a renew message, and a cancel message. Apeer membership protocol apply message may be sent by a potential newgroup member to the group membership application authenticator. Theauthenticator's endpoint is preferably listed in the peer groupadvertisement of every member. In one embodiment, a successful responsefrom the group's authenticator may include an application credential anda group advertisement that preferably lists, at a minimum, the group'smembership service. In one embodiment, the apply message may include,but is not limited to, the current credential of the candidate groupmember and the peer endpoint for the peer group membership authenticatorto respond to with an acknowledgement (ACK) message.

The following is an example of one embodiment of a peer membershipprotocol apply message in XML, and is not intended to be limiting:

<?xml version=“1.0” encoding=“UTF-8”?> <MembershipApply> <Credential>Credential of requestor </Credential> <SourcePid> Source pipe identifier</SourcePid> <Authenticator> Authenticator pipe advertisement</Authenticator> </MembershipApply>

A peer membership protocol join message may be sent by a peer to thepeer group membership authenticator to join a group. The peer preferablypasses an application credential (from an apply response ACK message)for authentication purposes. A successful response from the group'sauthenticator preferably includes a full membership credential and afull group advertisement that lists, at a minimum, the group'smembership configurations requested of full members in good standing.The message may include a credential (application credential of theapplying peer: see ACK message). This credential may be used as theapplication form when joining. The message may also include the peerendpoint for the authenticator to respond to with an ACK message.

The following is an example of one embodiment of a peer membershipprotocol join message in XML, and is not intended to be limiting:

<?xml version=“1.0” encoding=“UTF-8”?> <MembershipJoin> <Credential>Credential of requestor </Credential> <SourcePid> Source pipe identifier</SourcePid> <Membersship> membership pipe advertisement </Membership><Identity> identity</Identity> </MembershipJoin>

A peer membership protocol ACK message is an acknowledge message thatmay be used for both join and apply operations. A peer membershipprotocol ACK message may be sent back by the membership authenticator toindicate whether or nor the peer was granted application rights to thepeer group if the peer is applying, or full membership to the peer groupif peer is attempting to join. In one embodiment, an ACK message mayalso be sent in response to peer membership protocol renew messages andcancel messages. The message may include a credential (an application ormembership credential allocated to the peer by the peer groupauthenticator). The message may also include a more complete peer groupadvertisement that may provide access to further configurations. In oneembodiment, not all configuration protocols are visible until the peerhas been granted membership or application rights. Some configurationsmay need to be protected. Also, depending on the peer credential, thepeer may not have access to all the configurations.

The following is an example of one embodiment of a peer membershipprotocol ack message in XML, and is not intended to be limiting:

<?xml version=“1.0” encoding=“UTF-8”?> <MembershipAck> <Credential>Credential </Credential> <SourcePid> Source pipe identifier </SourcePid><Membersship> membership pipe advertisement </Membership> <PeerGroupAdv>peer group advertisement </PeerGroupAdv> <PeerGroupCredential>credential granted </PeerGroupCredential> </MembershipAck>

A peer membership protocol renew message may be sent by a peer to renewits credential (membership or application) access to the peer group. AnACK (acknowledgement) message may be returned with a new credential andlease if the new is accepted. The renew message may include, but is notlimited to, a credential (a membership or application credential of thepeer) and the peer endpoint to which an ACK response message may besent.

The following is an example of one embodiment of a peer membershipprotocol renew message in XML, and is not intended to be limiting:

<?xml version=“1.0” encoding“UTF-8”?> <MembershipRenew> <Credential>Credential </Credential> <SourcePid> Source pipe identifier </SourcePid><Membersship> membership pipe advertisement </Membership></MembershipRenew>

A peer membership protocol cancel message may be sent by a peer tocancel the peer's membership or application rights in a peer group. Themessage may include, but is not limited to, a credential (a membershipor application credential of the peer) and the peer endpoint to send anACK message. In one embodiment, an ACK to a cancel may include aresponse status indicating the cancel was accepted.

The following is an example of one embodiment of a peer membershipprotocol cancel message in XML, and is not intended to be limiting:

<?xml version=“1.0” encoding=“UTF-8”?> <MembershipCancel> <Credential>Credential </Credential> <SourcePid> Source pipe identifier </SourcePid><Membersship> membership pipe advertisement </Membership></MembershipCancel>Pipe Binding Protocol

In one embodiment, the peer-to-peer platform may include a pipe bindingprotocol that may allow a peer to find the physical location of a pipeendpoint and to bind a pipe advertisement to the pipe endpoint, thusindicating where messages actually go over the pipe. A pipe isconceptually a virtual channel between two pipe endpoints (input andoutput pipes) and may serve as a virtual link between two or more peersoftware components (e.g. services or applications).

A pipe may be viewed as an abstract, named message queue that supports anumber of abstract operations such as create, open, close, delete, send,and receive. The pipe virtual link (pathway) may be layered upon anynumber of physical network transport links such as TCP/IP. Each end ofthe pipe may work to maintain the virtual link and to reestablish it, ifnecessary, by binding endpoints or finding the pipe's currently boundendpoints.

Actual pipe implementations may differ, but peer-to-peerplatform-compliant implementations preferably use the pipe bindingprotocol to bind pipes to pipe endpoints. In one embodiment, during theabstract create operation, a local peer binds a pipe endpoint to a pipetransport. In another embodiment, bind may occur during the openoperation. Unbind occurs during the close operation. In one embodiment,each peer that “opens” a group pipe may make an endpoint available(binds) to the pipe's transport. Messages are preferably only sent toone or more endpoints bound to the pipe. Peers that have not opened thepipe preferably do not receive or send any messages on that pipe. In oneembodiment, when some peer software wants to accept incoming pipemessages, the receive operation may remove a single message in the orderit was received, not in the order it was sent. In one embodiment, a peekoperation may be used as a mechanism to see if any message(s) hasarrived in the pipe's queue.

In one embodiment, the pipe binding protocol may define messagesincluding, but not limited to, a query message and a response message.In one embodiment, a pipe binding protocol query message may be sent bya peer pipe endpoint to find a pipe endpoint bound to the same pipeadvertisement. The following is an example of one embodiment of a pipebinding protocol query message in XML, and is not intended to belimiting:

<?xml version=“1.0” encoding=“UTF-8”?> <PipeBindingQuery> <Credential>query credential </Credential> <Peer> optional tag. If present, it mayinclude the peer identifier of the only peer that should answer therequest. </Peer> <Cached> true if the reply can come from a cache</Cached> <PipeId> pipe identifier to be resolved </PipeId></PipeBindingQuery>

In one embodiment, the requestor may ask that the information not beobtained from a cache. This is to obtain the most up-to-date informationfrom a peer to address stale connection. The Peer field specifies a peeridentifier. This peer is the one that should respond to the query. Thereis preferably no guarantee that a response to a pipe binding requestwill be made. Preferably, a peer is not required to respond to a bindingrequest. Preferably, a reliable transport is not required. In oneembodiment, multiple binding query messages may be sent. None, one ormultiple responses may be received.

In one embodiment, a pipe binding protocol response message may be sentto the requesting peer by each peer bound to the pipe in response to aquery message. The following is an example of one embodiment of a pipebinding protocol response message in XML, and is not intended to belimiting:

<?xml version=“1.0” encoding=“UTF-8”?> <PipeBindingAnswer> <Credential>credential </Credential> <PipeId> pipe id resolved </PipeId> <Peer> peerURI where a corresponding InputPipe has been created </Peer> <Found>true: the InputPipe does exist on the specified peer (ACK) false: theInputPipe does not exist on the specified peer (NACK) </Found></PipeBindingAnswer>Endpoint Routing Protocol

In one embodiment, the peer-to-peer platform may include an endpointrouting protocol. The endpoint routing protocol may be used by peers tosend messages to router peers requesting available routes for sendingmessage(s) to destination peers.

A peer-to-peer platform network is typically an ad hoc, multi-hops, andadaptive network by nature. Connections in the network may be transient,and message routing may be nondeterministic. Routes may beunidirectional and change rapidly. Peers may appear and leavefrequently. Two communicating peers may not be directly connected toeach other. Two communicating peers may need to use router peers toroute messages depending on the network topology. For example, the twopeers may be on different network transports, or the peers may beseparated by a firewall or a NAT (Network Address Translation) router. Apeer behind a firewall may send a message directly to a peer outside afirewall. But a peer outside the firewall cannot establish a connectiondirectly with a peer behind the firewall.

The endpoint routing protocol may define a set of request/query messagesthat is processed by a routing service to help a peer route messages toits destination. When a peer is asked to send a message to a given peerendpoint address, it may look in its local cache to determine if it hasa cached route to this peer. If the peer does not find a route, it maysend a route resolver query message to available peer routers requestingroute information. A peer may have access to as many peer routers as itcan find, or optionally a peer may be pre-configured to access certainrouters.

Peer routers provide the low-level infrastructures to route a messagebetween two peers in the network. Any number of peers in a peer groupmay elect themselves to become peer routers for other peers. Peersrouters offer the ability to cache route information, as well asbridging different physical (different transport) or logical (firewalland NAT) networks. A peer may dynamically find a router peer via aqualified discovery search. A peer may find out if a peer it hasdiscovered is a peer router via the peer advertisement properties tag.

When a peer router receives a route query, if it knows the destination(a route to the destination), it may answer the query by returning theroute information as an enumeration of hops. The message may be sent tothe first router and that router may use the route information to routethe message to the destination peer. The route may be ordered from thenext hop to the final destination peer. At any point the routinginformation may be obsoleted, requiring the current router to find a newroute.

The peer endpoint may add extra routing information to the messages sentby a peer. When a message goes through a peer, the endpoint of that peermay leave its trace on the message. The trace may be used for loopdetection and to discard recurrent messages. The trace may also be usedto record new route information by peer routers.

In one embodiment, the endpoint routing protocol may provide the lastresort routing for a peer. More intelligent routing may be implementedby more sophisticated routing services in place of the core routingservice. High-level routing services may manage and optimize routes moreefficiently than the core service. In one embodiment, the hooksnecessary for user defined routing services to manipulate and update theroute table information (route advertisements) used by the peer routermay be provided by the endpoint routing protocol. Thus, preferablycomplex route analysis and discovery may be performed above the core byhigh-level routing services, and those routing services may provideintelligent hints to the peer router to route messages.

Router peers may cache route information. Router peers may respond toqueries with available route information. Route information may includea list of gateways along the route. In one embodiment, any peer maybecome a router peer by implementing the endpoint routing protocol. Thefollowing is an example of one embodiment of route information in XML,and is not intended to be limiting:

<?xml version=“1.0” encoding=“UTF-8”?> <EndpointRouter> <Credential>credential </Credential> <Src> peer identifier of the source </Src><Dest> peer identifier of the destination </Dest> <TTL> time to live</TTL> <Gateway> ordered sequence of gateway </Gateway>................... <Gateway> ordered sequence of gateway </Gateway></EndpointRouter>

The time-to-live parameter specifies how long this route is valid. Thecreator of the route can decide how long this route will be valid. Thegateways may be defined as an ordered sequence of peer identifiers thatdefine the route from the source peer to the destination peer. Thesequence may not be complete, but preferably at least the first gatewayis present. The first gateway is sufficient to initially route themessages. The remaining gateway sequence is preferably optional.

The endpoint routing protocol may provide messages including, but notlimited to, a route request message and a route answer message from therouter peer. In one embodiment, a peer may send a route request messageto a router peer to request route information. Route information may becached or not cached. In some cases, the route query request message mayindicate to bypass the cache content and thus to search dynamically fora route. Preferably, it is not guaranteed that a route response will bereceived after a query is sent. The following is an example of oneembodiment of a route query request message in XML, and is not intendedto be limiting:

<?xml version=“1.0” encoding=“UTF-8”?> <EndpointRouterQuery><Credential> credential </Credential> <Dest> peer identifier of thedestination </Dest> <Cached> true: if the reply can be a cached replyfalse: if the reply must not come from a cache </Cached></EndpointRouterQuery>

In one embodiment, a router peer may send a route answer message to apeer in response to a route information request. The following is anexample of one embodiment of a route answer message in XML, and is notintended to be limiting:

<?xml version=“1.0” encoding=“UTF-8”?> <EndpointRouterAnswer><Credential> credential </Credential> <Dest> peer id of the destination</Dest> <RoutingPeer> Peer identifier of the router that knows a routeto DestPeer </RoutingPeer> <RoutingPeerAdv> Advertisement of the routingpeer </RoutingPeerAdv> <Gateway> ordered sequence of gateways </Gateway>................... <Gateway> ordered sequence of gateways </Gateway></EndpointRouterAnswer>Routing

A peer-to-peer platform preferably provides a mechanism or mechanismsfor searching and accessing peers, peer groups, content, services andother information in a dynamic topology of peers and peer groups, wherepeers and peer groups can come and go. In one embodiment, peers and peergroups may come and go potentially with limited or no control andnotification. Peers may connect to a peer-to-peer network throughvarious wired and wireless protocols, including “not connected”protocols such as may be used by mobile consumer devices such as pagersand PDAs. Peers may also have to cross boundaries, for exampleboundaries created by firewalls and NAT (Network Address Translation)routers, to connect to other peers.

An application that supports the peer-to-peer platform preferably isable to help in routing and discovering. Some of the information neededto accomplish routing and discovering may be only known by theapplication. For example, the application may support a special type ofdata as content, and so the application may best “know” how to discoveritems of this special content. Also, the application may have a betterknowledge of the topology (related to the nature of the applicationand/or peer group) than the core peer-to-peer platform.

In one embodiment, in order to bootstrap the system, and also in orderto have a fallback mechanism if an application cannot or does notsupport one or more of the tasks, the core peer-to-peer protocols mayprovide a discovery and router mechanism for discovering peers and othercore abstractions such as advertisements, pipes, and peer groups. Thediscovery and routing mechanism of the peer-to-peer platform preferablyuses as few protocols as possible, is simple, and makes use ofunderlying optimizations when available. Hooks into the core discoveryand router mechanism may be provided so that applications and servicesmay participate in the discovery and router mechanisms, for example, bypassing information to the core discovery and router mechanism. In oneembodiment, an application or service may be allowed to override thecore discovery and router mechanism with its own custom mechanism.

In one embodiment, the core discovery and router mechanism may be basedon web crawling. Web crawling may be well suited for use inself-organizing networks such as peer-to-peer networks. In oneembodiment, peers may be configured to participate or not to participatein the discovery and router mechanism, and may be configured as to thelevel of involvement in the process In one embodiment, a peer may decidewhether to participate in a discovery or routing task depending on thepeer's configuration in the peer-to-peer network. In one embodiment, theconfiguration may be determined using an automated detection of theposition of the peer on the network and a network configuration wizardtool.

Web crawling may not create bottlenecks such as may be created by themechanism of a client knowing a server and always going to the sameserver to find and retrieve information (e.g. DNS, NFS etc.). Even if aserver is replicated, like DNS, it is still a centralized server. If allthe known instances of the server are not reachable, a client may loseaccess to the server, even if another (but unknown) server is, indeed,available. In a point-to-point network, the information a peer islooking for is generally “close by” or may eventually be “close by”, soweb crawling may not go too far.

FIG. 18 illustrates several core components and how they interact fordiscovery and routing according to one embodiment. Application 300 mayuse discovery 308 to find peers, peer groups, advertisements, and otherentities on the peer-to-peer network, and may also publish pipe, peer,peer group, service, and other advertisements for access by other peers,applications and services on the peer-to-peer network. In oneembodiment, the endpoint 310 may be responsible for exchanging messagesbetween peers that are directly “connected” to each other (i.e. thepeers can reach each other without any routing and/or discovering). Whenavailable, multicast may be used to discover peers that the endpoint canreach (multicast is a mechanism which has been introduced in IP in orderto optimize this kind of process). In addition to that, or whenmulticast is not available, A rendezvous and invitation mechanism mayalso be provided. The rendezvous and invitation method may be used, forexample, if multicast is not available. For example, HTTP does notprovide multicast capabilities.

The endpoint router 312 may manage a cache of routes, for example routesto remote peers. In one embodiment, the endpoint router 312 may beconfigured from caching no routes to caching all routes it is aware of,depending on what the configuration wizard has decided with usercontrol. The endpoint router 312 may also forward (route) messagesdepending on what is found in the cache, and what has been configured.For instance, the endpoint router 312 may be configured to route search(propagate) requests or to not route the requests.

In one embodiment, the generic resolver 308 is a protocol thatimplements a sort of RPC (query/response) protocol on top of theendpoint 310. Discovery 306 and pipe resolver 304 may use the genericresolver. In one embodiment, discovery 306 may be responsible forsearching, caching and generating core advertisements (e.g. peer, peergroup, and pipe advertisements). Discovery 306 may use the genericresolver 308 to send query messages and to receive answers. In oneembodiment, discovery 306 may be aware of rendezvous peers and may havean invitation mechanism that may be used to assist the generic resolver308. In one embodiment, the pipe resolver 304 may be responsible forlocalizing the receiving end of a pipe 302 given a pipe advertisement.In one embodiment, the pipe resolver 304 does not search for a pipeadvertisement. In one embodiment, the pipe resolver 304 may beconfigured to manage a cache of the locations of the receiving ends(i.e. receiving peers) of the pipe 302.

The pipe protocol may use the endpoint 310 for transferring messages(with the potential help of the endpoint router 312) between the sendingend of the pipe 302, and the receiving end of the pipe 302. In oneembodiment, a pipe 302 may be viewed as an endpoint 310 that has notbeen bound to a particular peer. In one embodiment, a pipe 302 may bemoved seamlessly from one peer to another. In one embodiment, a pipe 302may also provides uniqueness that may not be provided by an endpoint 310since a pipe identifier is unique in time and space, and an endpoint310, being a network address, may not be.

A discovery and router mechanism based on web crawling may betime-expensive, and higher level protocols (such as applications) mayhave information that the core is not aware of that may help in the webcrawling process. In one embodiment, to enable applications toparticipate in the process, components of the core mechanism may providehooks that enable the applications to assist in the process (e.g. byproviding information). Some transport protocols such as HTTP may beconfigured for and/or dynamically learn about web rendezvous peers itcan use. An application may be provided access to the list of rendezvouspeers. In one embodiment, an application may be allowed to set/unsetroutes in an endpoint router 312. Each route may be qualified to routeor not route propagate messages such as web crawling messages and/orunicast messages. The endpoint router 312 may be viewed as a route cachemanager, which is may be controlled by an endpoint 310 and/or otherentities that may need to control it. In one embodiment, an endpointrouter 312 may be able to discover unknown routes from applications. Inone embodiment, discovery 308 may be configured (statically and/ordynamically) to control the nature and the amount of data that itmanages. In one embodiment, discovery 308 may be taught where to gosearch, or where not to go search. In one embodiment, discovery 308 maymake an “upcall” to a search/retrieve mechanism. In one embodiment, apipe resolver 304 may manage a cache of input pipes (receiving ends). Inone embodiment, pipe resolver 304 may be accessed by applications toset/unset entries in the cache.

Router Peers

FIG. 19 illustrates one embodiment of message routing in a peer-to-peernetwork that uses the peer-to-peer platform. Peers 200 in peer groups210A and 210B may communicate with each other through one or more routerpeers 244. In one embodiment, message routing may route messages to“unreachable” peers, i.e. may allow messages sent from a peer 200 toreach peers 200 that are otherwise unreachable. Networks may bepartitioned by firewalls, NAT (Network Address Translation) routers,etc. Message routing may allow messages to be delivered in partitionednetworks. Message routing may also allow peers 200 separated by one ormore partitions to participate in the same peer group(s) 210. Messagerouting preferably provides optimized message delivery, for example byoptimizing routes between peers 200. Message routing preferably allowsfor an adaptive peer-to-peer network (e.g. peers may move to remotelocations and still receive messages). Message routing preferablyprovides load balancing. In one embodiment, any peer may be a routerpeer 244.

One embodiment may provide for HTTP routing servers. In one embodiment,HTTP routers may provide for message routes that traverse firewalls. Inone embodiment, HTTP routers may provide NAT support. In one embodiment,HTTP routers may act as message gateways (TTL). TTL stands for Time ToLive (how long the request lives in the system).

The widespread use of NAT (Network Address Translation) and firewallsmay affect the operation of many P2P systems. It also may affect thepeer-to-peer platform. In particular, a peer outside a firewall or a NATgateway cannot discover peers inside the firewall or the NAT gateway. Inthe absence of getting system administrators to let the peer-to-peerplatform traffic through (say by opening a special incoming port at thefirewall or gateway), possible methods to deal with this probleminclude, but are not limited to:

-   -   In one embodiment, peers inside firewalls may be asked to        initiate connections to peers outside the firewall.    -   In one embodiment, peer nodes may be set up that operate like        mailbox offices where traffic to a peer inside the firewall is        queued up to be picked up at a designated relay peer outside the        firewall. The peer inside the firewall can initially reach        outside the firewall, select a relay peer, and widely advertise        this fact. Later, it can periodically contact the relay peer to        retrieve messages.

One embodiment of the peer-to-peer platform may provide router peers.The router peers may be at a lower level than rendezvous peers. Therouter peers may provide “pure” message routing. By looking at thedestination and source addresses, the router peer may determine where amessage needs to be sent. In one embodiment, a router peer may call oraccess a rendezvous peer to “discover” information about peers, etc. Inother words, the router peer may access information from a rendezvouspeer to use the information in routing messages.

In one embodiment, router peers may provide the lowest message routinglayer in the peer-to-peer platform. Routing may involve complextopologies. For example, the routing peers may provide a method to routeacross a firewall, particularly from peers outside the firewall to peersinside the firewall. A peer cannot send a message directly to anotherpeer behind a firewall, since by definition there may be no direct routefrom a peer outside the firewall to a peer inside the firewall. A routerpeer may route messages to a gateway peer (a mailbox server wheremessages for peers behind the firewall may be temporarily stored). Inone embodiment, the gateway peer may be a router peer acting as agateway. The peers behind the firewall may periodically poll themailboxes provided by the gateway peer to determine if someone has triedto contact them (i.e. are there any messages in my mailbox?). Note thata “pipe” provides an abstraction at a higher level than the messagerouting provided by router peers, and thus, a pipe may be an abstractionacross the network topology between peers, for example peers on oppositesides of a firewall, through which the peers may communicate. At thelowest level, one or more router peers may discover and establish theactual communications route between the peers. This level, however, maybe transparent to the peers, who only “see” the pipes.

In one embodiment, a router peer may build a route table. The routerpeer may keep information about routes that it discovers and store themin the route table. This allows the router peer to build a knowledgebase (the route table) about the network topology as more messages flowon the system. This information may be used by the router peer todiscover and establish optimal routes between entities in the network,and may increase its ability to reach other peers.

A router peer may access another router peer it is aware of to get routeinformation. The route information may be described as a stacked set ofdestinations (and the routes to the destinations). In one embodiment,the information the router peer stores on a particular route may beincomplete, because the router peer may only know about the route up toa certain point. For example, the router peer may know about a firstportion of a route up to another router peer, which knows about the nextportion of the route, and so on.

In one embodiment, each peer has a unique peer ID that is independentof, and is not assigned to, fixed addresses. Peers may move around.Therefore, the peer-to-peer network topology may be dynamic, and maychange every time a peer goes away or moves. Thus, the routing methodprovided by the router peers is preferably dynamic to support thedynamic topology. When a peer moves and reconnects, the peer isrecognized as the same peer that was previously connected elsewhere inthe network. This process may use the unique ID of the peer to indicatethat the peer is the same one that was previously connected elsewhere.In one example, when a peer moves, it may go through a discovery processto discover peers and rendezvous peers in its new local subnet orregion. If the peer wishes to join a peer group that it used at itsprevious location, it may then attempt to discover other peers that haveknowledge of the peer group or other peers in the peer group. Themessage may be passed through several router peers until it may reach arouter peer that has knowledge about the peer group (e.g. a route to thepeer group) to return to the requesting peer. For example, a user with alaptop may fly from a home office to another city. When the userconnects to the network in the other city, a route may be established,through the services provided by router peers, to the home officenetwork peer group. The user may then access email and other servicesprovided by the peer group. From the user's standpoint, this process mayseem automatic. For example, the user may not be required to “dial in”or connect remotely to an ISP to access the office as is required intypical networks using static addressing.

In one embodiment, when a peer becomes a router peer, it may access astored route table as a starting point. In one embodiment, the peer maystart from scratch with an empty route table. In one embodiment, thepeer, when it becomes a router peer, may initiate a discovery of otherrouter peers and/or rendezvous peers to get as much connectivityinformation to key peers in the network as possible.

In one embodiment, every peer may have knowledge of at least one routerpeer. In one embodiment, there may be a “universal router” that many orall peers may be aware of that may be accessed when a peer cannot findanyone. The universal router may be able to put the peer into contactwith somebody (e.g. another peer) to help in the bootstrapping process.

Security

The security requirements of a P2P system are very similar to any othercomputer system. The three dominant requirements are confidentiality,integrity, and availability. These translate into specific functionalityrequirements that include authentication, access control, audit,encryption, secure communication, and non-repudiation. Such requirementsare usually satisfied with a suitable security model or architecture,which is commonly expressed in terms of subjects, objects, and actionsthat subjects can perform on objects. For example, UNIX has a simplesecurity model. Users are subjects. Files are objects. Whether a subjectcan read, write, or execute an object depends on whether the subject haspermission as expressed by the permissions mode specified for theobject. However, at lower levels within the system, the security modelis expressed with integers, in terms of UID, GID, and the permissionmode. Here, the low-level system mechanisms do not (need to) understandthe concept of a user and do not (need to) be involved in how a user isauthenticated and what UID and GID they are assigned.

In one embodiment, the peer-to-peer platform protocols may be compatiblewith widely accepted transport layer security mechanisms formessage-based architectures such as Secure Sockets Layer (SSL) andInternet Protocol Security (IPSec). However, secure transport protocolssuch as SSL and IPSec only provide the integrity and confidentiality ofmessage transfer between two communicating peers. In order to providesecure transfer in multi-hops network, a trust association may beestablished among all the intermediary peers. Security is compromised ifanyone of the communication links is not secured.

The peer-to-peer platform security model may be implemented to provide aP2P web of trust. The web of trust may be used to exchange public keysamong its members. Each peer group policy may permit some members to betrusted to the extent that they have the authority to sign public keysfor other members as well as to do things like authenticate, add newmembers, and remove or revoke membership.

Embodiments may implement security classes for the RSA public keyexchange, the RC4 byte stream cipher, and the SHA-1 hash algorithm,among others. These classes may enable privacy by the means of a P2P TLSimplementation; integrity with signed hashes; non-repudiation using theweb of trust; and MACs for data authenticity. Combinations of theseclasses may form security suites, and the peer-to-peer platform providesthe mechanism to add new customized suites as required.

In some embodiments, for peer group authentication a separate PluggableAuthentication Module (PAM) may be provided. Embodiments may provideanonymous or guest login, and login with user name and password. A loginsession may be in clear or cipher-text as per the peer group securitypolicy.

The security module may be available to the core level, and thusservices, applications and advanced services and applications may plugin their own security components and protocols. For example, the web oftrust may be defined by a policy that requires authorized peer groupmembers to be well-known certificate authorities, and that peersexchange X509v3 CA signed certificates.

Given that the peer-to-peer platform is defined around the concepts ofpeers and peer groups, one embodiment may include a securityarchitecture in which peer IDs and group IDs are treated as low-levelsubjects (just like UID and GID), codats are treated as objects (justlike files), and actions are those operations on peers, peer groups, andcodats.

The term “codat” as used herein refers to any computer content—code,data, applications, or other collection of computer representableresources. The peer-to-peer protocol preferably does not distinguishamong different types of resources that can be stored on a computer andshared among peers in a peer group. Examples of “codat” include textfiles, photographs, applets, executable files, serialized Java objects,SOAP messages, etc. Codats are the elementary unit of information thatis exchanged among peers. In this embodiment, given that codats may havearbitrary forms and properties, it may not be clear what sets of actionsshould be defined for them. In one embodiment, the codats may carry orinclude definitions of how they should be accessed. Such codats areanalogous to objects, which define for themselves access methods otherscan invoke.

One or more of several other characteristics of the peer-to-peerplatform may further affect the security requirements of thepeer-to-peer platform. In one embodiment, the peer-to-peer platform maybe focused on mechanisms and not policy. For example, UUIDs are usedthroughout, but they by themselves have no external meaning. Withoutadditional naming and binding services, UUIDs are just numbers that donot correspond to anything like a user or a principal. Therefore, thepeer-to-peer platform preferably does not define a high-level securitymodel such as information flow, Bell-LaPadula, or Chinese Wall. In oneembodiment, when UUIDs are bound to external names or entities to formsecurity principals, authenticity of the binding may be ensured byplacing in the data field security attributes, for example, digitalsignatures that testify to the trustworthiness of the binding. Once thisbinding is established, authentication of the principal, access controlbased on the principal as well as the prevailing security policy, andother functions such as resource usage accounting may be performed.

The peer-to-peer platform is preferably neutral to cryptographic schemesand security algorithms. As such, the peer-to-peer platform preferablydoes not mandate any specific security solution. In such cases, aframework may be provided where different security solutions can beplugged in. In one embodiment, hooks and placeholders may be provided sothat different security solutions may be implemented. For example, everymessage may have a designated credential field that may be used to placesecurity-related information. In one embodiment, exactly how tointerpret such information is not defined in the peer-to-peer platform,and may be left to services and applications.

In one embodiment, the peer-to-peer platform may sometimes satisfysecurity requirements at different levels of the system. To allowmaximum flexibility and avoid redundancy, the peer-to-peer platformpreferably does not force a particular implementation on developers.Instead, preferably, enhanced platforms based on the peer-to-peerplatform may provide the appropriate security solutions to theirtargeted deployment environment. To illustrate the last point, twosecurity concerns (communications security and anonymity) are examined.

Peers communicate through pipes. As an example, suppose bothconfidentiality and integrity in the communications channel are desired.In one embodiment, Virtual Private Networks (VPNs) may be used to moveall network traffic. In one embodiment, a secure version of the pipe maybe created, similar to a protected tunnel, such that any messagetransmitted over this pipe is automatically secured. In one embodiment,regular communications mechanisms may be used, and specific datapayloads may be protected with encryption techniques and digitalsignatures. Embodiments of the peer-to-peer platform may accommodate oneor more of these and other possible solutions.

Anonymity does not mean the absence of identity. Indeed, sometimes acertain degree of identification is unavoidable. For example, a cellphone number or a SIM card identification number cannot be keptanonymous, because it is needed by the phone company to authorize andset up calls. As another example, the IP number of a computer cannot behidden from its nearest gateway or router if the computer wants to sendand receive network traffic. In general, anonymity can be built on topof identity, but not vice versa. There may be multiple ways to ensureanonymity. In the examples above, it is difficult to link a prepaid SIMcard sold over the retail counter for cash to the actual cell phoneuser. Likewise, a cooperative gateway or router may help hide thecomputer's true IP address from the outside world by using messagerelays or NAT (Network Address Translation).

In one embodiment, a peer-to-peer platform-based naming service may binda peer to a human user. The user's anonymity may be ensured through thenaming service, or the authentication service, or a proxy service, orany combination of these. The peer-to-peer platform is preferablyindependent of the solution chosen by a particular application.

At many places, the peer-to-peer platform is preferably independent ofspecific security approaches. In one embodiment, the peer-to-peerplatform may provide a comprehensive set of security primitives tosupport the security solutions used by various peer-to-peer platformservices and applications. Embodiments of the peer-to-peer platform mayprovide one or more security primitives including, but not limited to:

-   -   A simple crypto library supporting hash functions (e.g., MD5),        symmetric encryption algorithms (e.g., RC4), and asymmetric        crypto algorithms (e.g., Diffie-Hellman and RSA).    -   An authentication framework that is modeled after PAM (Pluggable        Authentication Module, first defined for the UNIX platform and        later adopted by the Java security architecture).    -   A simple password-based login scheme that, like other        authentication modules, can be plugged into the PAM framework.    -   A simple access control mechanism based on peer groups, where a        member of a group is automatically granted access to all data        offered by another member for sharing, whereas non-members        cannot access such data.    -   A transport security mechanism that is modeled after SSL/TLS,        with the exception that it is impossible to perform a handshake,        a crypto strength negotiation, or a two-way authentication on a        single pipe, as a pipe is unidirectional.    -   The demonstration services called InstantP2P and CMS (content        management service) also make use of additional security        features provided by the underlying Java platform.

In one embodiment, peers, configurations, peer groups, and pipes formthe backbone of the peer-to-peer platform. Security in some embodimentsof the peer-to-peer platform may use credentials and authenticators(code (e.g. computer-executable instructions) that may be used toreceive messages that either request a new credential or request that anexisting credential be validated). A credential is a token that whenpresented in a message body is used to identify a sender and can be usedto verify that sender's right to send the message to the specifiedendpoint and other associated capabilities of the sender. The credentialis an opaque token that must be presented each time a message is sent.The sending address placed in the message envelope may be crosscheckedwith the sender's identity in the credential. In one embodiment, eachcredential's implementation may be specified as a plug-in configuration,which allows multiple authentication configurations to co-exist on thesame network.

Preferably, all messages include, at a minimum, a peer group credentialthat identifies the sender of the message as a full member peer in thepeer group in good standing. Membership credentials may be used thatdefine a member's rights, privileges, and role within the peer group.Content access and sharing credentials may also be used that define amember's rights to the content stored within the group.

In one embodiment, the peer-to-peer platform may provide differentlevels of security. In one embodiment, APIs may be provided to accesswell known security mechanisms such as RCA. In one embodiment, thepeer-to-peer platform may provide a distributed security mechanism in apeer-to-peer environment. In one embodiment, this distributed securitymay not depend on certificates administered by a central authority. Thedistributed security mechanism may allow a peer group “web of trust” tobe generated. In the distributed security mechanism, peers may serve ascertificate authorities (security peers). Each peer group may includeone or more peers that may serve as a certificate authority in thegroup. In one embodiment, the creator of a peer group may become thedefault security authority in the group. In one embodiment, if there ismore than one creator, the creator peers may choose one of the peers tobe the security authority in the group. In one embodiment, the peer orpeers that create a peer group may define the security methods that areto be used within the group (anywhere from no security to high levels ofsecurity). In one embodiment, more than one peer in a peer group mayserve as a security peer. Since peers are not guaranteed to be up at alltimes, having multiple security peers in a peer group may help insurethat at least one security peer is available at all times. In oneembodiment, the peer group's certificate peer may verify keys to providea weak level of trust. In one embodiment, peer-to-peer platformadvertisements may include information to describe the securitymechanism(s) to be used in a peer group. For example, the advertisementmay include information to do public key exchange, information toindicate what algorithms are to be used, etc. The advertisement may alsoinclude information that may be used to enforce secure informationexchange on pipes (e.g. encryption information). In one embodiment, peergroup security may establish a “social contract”. The role of securityis distributed across peer groups, and across members of peer groups,that all agree to participate by the rules. A peer group may establishthe set of rules by which security in the group is enforced. A peer mayjoin the peer group with a low level of security clearance (low trust).If the peer stays in the group and behaves (follows the rules), the peermay build up its level of trust within the group, and may eventually bemoved up in its security level. Within peer groups operating under asocial contract, certificates and/or public keys may be exchangedwithout the participation of a strict certificate authority; i.e. themembers may exchange certificates based upon their trust in each other.In one embodiment, a peer group may use an outside challenge (e.g. asecret group password) that may be encrypted/decrypted withpublic/private keys, as a method to protect and verify messages withinthe group. In one embodiment, peer groups may be configured to use othertypes of security, including a high level of security, for example usinga strict certificate authority, and even no security. In one embodiment,peer-to-peer platform messages exchanged within a group may have a“placeholder” for security credentials. This placeholder may be used fordifferent types of credentials, depending upon the securityimplementation of the particular group. In one embodiment, allpeer-to-peer messages within the group may be required to have theembedded credential. One embodiment may support private secure pipes.

Peer-To-Peer Platform Firewalls and Security

The peer-to-peer platform may provide one or more methods for traversingfirewalls. FIG. 20 illustrates traversing a firewall 248 in a virtualprivate network when access is initiated from outside only according toone embodiment. Peers 200 on either side of the firewall 248 may eachbelong to one or more peer groups. In one embodiment, entry may berestricted to peers 200 with access privileges. In this example, peers200A and 200B have access privileges, but peer 200C does not. Thus,peers 200A and 200B may access peers 200D and 200E through firewall 248.In one embodiment, HTTP “tunnels” may be used, with proxies 246 in the“DMZ” of the firewall 248. FIG. 21 illustrates email exchange through afirewall 248 via an email gateway 260 according to one embodiment. Inthis example, peers 200A and 200B outside the firewall 248 may exchangemessages to peers 200C and 200D via the email gateway 260. In oneembodiment, there may be an SMTP (Simple Mail Transfer Protocol) service262 on each peer 200. In one embodiment, 100% peer-to-peer access maynot be guaranteed. In one embodiment, inside the firewall 248, mailaccount administration may impose restrictions. In one embodiment, emailaddresses may not be required for all peers 200 outside of the firewall248.

FIG. 22 illustrates several methods of traversing a firewall 248 whenaccess is initiated from the inside according to one embodiment. One ormore peers 200 may be inside the firewall 248, and one or more peers 200may be outside the firewall 248. In one embodiment, each peer 200 thatneeds to traverse firewall 248 may include a mini-HTTP server. In thisembodiment, an HTTP proxy may be used to provide peer-to-peer HTTPtunnels 264 through firewall 248. In one embodiment, Secure Shell (SSH)tunnels 266 may be used to traverse firewall 248. One embodiment maysupport SOCKS connections 268 if SOCKS is supported in the firewall 248.SOCKS is typically used to telnet/ftp to the “outside”. Otherembodiments may include other methods of traversing firewalls.

In one embodiment, peer-to-peer platform core protocols may be used forfirewall traversal. In one embodiment, the impact on the peer-to-peerprotocol core may be minimized in the traversal method. In oneembodiment, peers preferably use the “pure” core protocols for traversalwhenever possible. In embodiments where the core protocols need to beextended for traversal, a “divide and conquer” technique is preferablyused. In a divide and conquer technique, any new configurations(policies) are preferably isolated behind the firewall. A proxy orproxies may then be used to mediate with and bridge to the coreprotocols.

Preferably, peers on either side of the firewall may initiate peer groupcontact with full peer-to-peer protocol implementation including, butnot limited to, the ability to initiate peer group discovery, theability to join/leave peer groups, and the ability to create end-to-endpipes (cipher text data exchange when required).

FIG. 23 illustrates one embodiment of a peer-to-peer platform proxyservice 270, and shows various aspects of the operation of the proxyservice. One or more peers 200 may be inside a firewall 248, and one ormore peers 200 may be outside the firewall 248. Peer-to-peer platformproxy service 270 is also shown outside the firewall 248. Proxy service270 may be used to enable peer 200 and peer group contact acrossfirewall 248. Firewall 248 may include an email gateway 260. In oneembodiment, the proxy service 270 may be used to bridge peer-to-peerplatform protocols 272 with HTTP 274, email 276 and/or SOCKS 278. Theproxy service 270 may allow peers 200 to send requests to communicateacross firewall 248. Through the proxy service 270, peer-to-peerplatform messages may be posted for delivery across the firewall 248. Inone embodiment, the proxy service 270 may allow secure pipes to beestablished across the firewall 248 as necessary.

FIG. 24 illustrates a method of using a proxy service for peer groupregistration according to one embodiment. The proxy service may permitfirewall-independent peer group membership. Three peer regions 212 areshown, with two (region 212A and 212B) on one side of firewall 248 andone (region 212C) on the other side of firewall 248. A peer group 210may be established that extends across the firewall 248 into regions212A, 212B and 212C. One or more peers 200 in each region 212 may bemembers of the peer group 210.

FIG. 25 illustrates peer group registration across a firewall accordingto one embodiment. Peer region 212A is shown outside of a firewall 248and peer region 212B is behind the firewall 248. Peer region 212Aincludes a peer-to-peer platform proxy service 270 and several peers200. In one embodiment, a peer 200 may be serving as a proxy peer thatprovides the proxy service 270. Peer region 212B includes several peers200 behind the firewall 248. At some point, peer 200D in peer region212B may form a peer group 210. An advertisement for the peer group 210may be registered on the proxy service 270 in the region 212A. One ormore peers 200 in region 212A may be notified of the newly registeredpeer group 200 by the proxy service 270. In one embodiment, the proxyservice may also notify other known peer-to-peer platform proxy servicesin this or other regions 212, who in turn may notify other proxyservices, and so on. Peers 200 in region 212A may then apply formembership in peer group 200.

FIG. 26 illustrates a method of providing peer group membership througha peer-to-peer platform proxy service according to one embodiment. Peerregions 212A and 212B are shown outside of a firewall 248, and peerregion 212C is behind the firewall 248. The two peer group regions 212outside the firewall 248 each include a proxy service 270. At least oneof the peers (peer 200F, in this example) in region 212C behind thefirewall belongs to a peer group 210. The peer group 210 may beregistered with the proxy services 270 in the regions 212A and 212Boutside the firewall 248. A peer 200 in either of the regions outsidethe firewall may join the peer group 200 by proxy through the proxyservice 270 in its region 212. Peers 200 in the regions 212 outside thefirewall 248 that are members of the peer group 210 may also leave thepeer group 210 through the proxy service 270. Membership information(e.g. included in peer group advertisements) for the peer group 200 maybe synchronized on all known proxy services 270 outside the firewall248. In one embodiment, a proxy service 270 may be a member peer of alllocally registered peer groups 200.

Several levels of authentication may be provided in one or moreembodiments of the peer-to-peer platform. Anonymous login may beprovided in one embodiment. In one embodiment, a plain text login (useror user and password) may be provided. In one embodiment, login withprivacy may be provided. In this embodiment, public key exchange may beused and/or a symmetric master key. The login process preferably returnsa credential to the joining peer so that the peer may bypass the loginprocess until the credential expires. One embodiment may provide apublic key chain that may be used by registered users to eliminatepublic key exchanges and thus provides unauthenticated access. Onembodiment may provide secure public key exchange with signedcertificates.

FIGS. 27A and 27B illustrate a method of providing privacy in thepeer-to-peer platform according to one embodiment. FIG. 27A shows a peerregion 212 with peers 200A and 200B and a peer-to-peer platform proxyservice 270. Peers 200A and 200B may fetch and cache public keys from apublic key chain 280 of the proxy service 270.

The cached public keys preferably have expiration dates. Peers 200Aand/or 200B may compute a master secret key for one or more of thepublic keys. Using the keys, cipher text may be exchanged between peers200A and 200B in privacy as illustrated in FIG. 27B.

The peer-to-peer platform may include one or more methods for providingdata integrity in the peer-to-peer environment. These methods may beused to insure that what is sent is what is received. One embodiment mayuse a standard hash on data (e.g. Secure Hash Algorithm (SHA-1) asdefined by the Secure Hash Standard of the Federal InformationProcessing Standards Publication 180-1). A weak form and/or a strongform may be used in embodiments. In one embodiment, the weak form mayuse a public key ring and symmetric master to sign data. This method maywork best between two peers each having he other's public key. In oneembodiment, the strong form may use a symmetric key algorithm such asRSA (Rivest-Shamir-Adleman) and certificate authorities. In oneembodiment, the peer-to-peer platform may provide a proxy publiccertificate authority service. The authority service may create, signand distribute certificates (e.g. X509 certificates) for all peers on apublic key chain. The proxy service's public key is preferably residenton each proxied peer. Other embodiments may utilize other integritymethods.

FIGS. 28A and 28B illustrate one embodiment of a method for using apeer-to-peer platform proxy service as a certificate authority. FIG. 28Aillustrates a peer region 212 with several peers 200 and a proxy service270. The proxy service 270 may distribute signed certificates inresponse to peer requests as required. The peers 200 may validate theproxy service 270 signature using a proxy service public key. Asillustrated in FIG. 28B, when exchanging content with other peers 200, apeer 200 may sign the content with the destination peer's public key anddistribute the cipher text.

Bootstrapping Mechanism

In the absence of an application, the peer-to-peer platform preferablyprovides a mechanism that may be used to discover basic coreabstractions (e.g. peer, peer groups, advertisements, pipes). This basicmechanism is needed for bootstrapping a system, and so may be referredto as a bootstrapping mechanism. For example, if a user just downloadeda binary image that enables a device to become a peer in a peer-to-peernetwork that implements the peer-to-peer platform, the bootstrappingmechanism may be used to discover core abstractions since the “fresh”system may not have knowledge of or access to higher-level services.

The tasks of searching, discovering, and/or routing in a peer-to-peernetwork may be complicated. There are many different types of content,and there may not be a generic mechanism to best accomplish those tasksfor all types of content. Therefore, letting an application orhigher-level service perform these high-level search may be preferable,while providing simple, small, mechanisms for bootstrapping peer-to-peerplatform-enabled applications.

The policies and/or protocols used by the core in order to achieve thisbootstrapping are preferably as simple as possible and preferably may beimplemented and used on a wide variety of platforms (e.g. PDAs, pagers,smart appliances, laptops, workstations, clusters of servers, etc.) andin a variety of network topologies. For example, some peers may not useTCP/IP, and some may not be connected to the Internet. The bootstrappingmechanism may be used as a fallback mechanism when nothing else isuseable (e.g. in case of a failure of higher lever services). Thebootstrapping mechanism is preferably highly configurable. In oneembodiment, configuration “wizards” may be used for automaticconfiguration of the bootstrapping mechanism.

In one embodiment, other services (e.g. higher-level services and/oroptional services) and applications may take over control of thebootstrapping mechanism. In one embodiment, the core protocols mayprovide an API or APIs to allow the service and/or application todynamically teach and/or reconfigure the core policies. In oneembodiment, a service or application may dynamically overload (i.e.replace) the core policies. For example, this may be done when thedesign of the application is so dependant on a specific algorithm thatit cannot handle the default core policies.

Providing the bootstrapping mechanism in the peer-to-peer platform mayhelp to allow the peer-to-peer platform to be used straight “out of thebox”, and/or to be easily configured and installed, for use with apeer-to-peer platform-enabled application.

Peer Monitoring and Metering

Peer monitoring may include the capability to closely keep track of a(local or remote) peer's status, to control the behavior of a peer, andto respond to actions on the part of a peer. These capabilities may beuseful, for example, when a peer network wants to offer premium serviceswith a number of desirable properties such as reliability, scalability,and guaranteed response time. For example, a failure in the peer systemis preferably detected as soon as possible so that corrective actionscan be taken. It may be preferable to shut down an erratic peer andtransfer its responsibilities to another peer.

Peer metering may include the capability to accurately account for apeer's activities, in particular its usage of valuable resources. Such acapability is essential if the network economy is to go beyond flat-rateservices. Even for providers offering flat rate services, it is to theiradvantage to be able to collect data and analyze usage patterns in orderto be convinced that a flat rate structure is sustainable andprofitable.

In one embodiment, the peer-to-peer platform may provide monitoring andmetering through the peer information protocol, where a peer can queryanother peer for data such as up time and amount of data handled.Security is important in peer monitoring and metering. In oneembodiment, a peer may choose to authenticate any command it receives.In one embodiment, a peer may decide to not answer queries from suspectsources.

Peer-To-Peer Platform Shell Application

One embodiment of the peer-to-peer platform may include a shellapplication as a development environment built on top of the platform.In one embodiment, the shell application may provide interactive accessto the peer-to-peer platform via a simple command line interface. Withthe shell, shell scripts may be written. The shell may be executed in anetworked environment. A user command in the shell may generate asequence of message exchanges between a set of peers, with somecomputation occurring on remote peer nodes, and with the answer beingreturned to the user of the shell. Using the shell, peer-to-peer corebuilding blocks such as peers, peer groups, pipes, and codats may bemanipulated. Codats are units of contents that can hold both code anddata. For example, a user, through the shell, can publish, search, andexecute codats, discover peers or peer groups, create pipes to connecttwo peers, and send and receive messages.

In one embodiment, an interpreter in the shell may operate in a loop: itaccepts a command, interprets the command, executes the command, andthen waits for another command. The shell may display a prompt to notifyusers that it is ready to accept a new command.

In one embodiment with a Java-based implementation of the peer-to-peerplatform, one or more of the shell commands may not be built in per se.The commands may be Java language programs and are dynamically loadedand started by the shell framework when the corresponding commands aretyped in. Therefore, adding a new shell command may be performed bywriting a program in the Java language.

In one embodiment, the shell may provide a “pipe” capability to redirecta command output pipe into another command input pipe. In oneembodiment, shell commands may be given a standard input, output anderror pipes that a user can connect, disconnect and reconnect to othershell commands. Commands can support other pipes if needed. In oneembodiment of the shell, a user may dynamically disconnect and reconnectpipes between commands, as in the following example:

xxxx > cat > p1 myfile xxxx > grep < p1 abcd xxxx > grep < p1 efgh

In the above example, the first command “cat>p1 myfile” cats myfile intothe output pipe p1. The second command then connects pipe p1 to grep'sinput pipe and searches for the string abcd. The third command thendisconnects p1, redirects it to the new grep command's input pipe andsearches for the string efgh.

In one embodiment, the peer-to-peer platform shell supports piping inboth directions. A special operator such as “<>” may used for creatingcrossing pipes between two commands. For example, with the followingcommand “cmd1 <>cmd2”, the output pipe of the first command is connectedto the standard input pipe of the second command, and at the same timethe output pipe of the second command is connected to the standard inputpipe of the first command. Of course, this operator has to be usedcarefully to avoid infinite data loops.

In one embodiment, applications other than peer-to-peer platformapplications may be run from the shell. For content management, MIMEtype information included with a codat may be used to let localapplications associated with well-known content types handle themautomatically. The peer-to-peer platform may support the development ofadaptors to allow the execution of external programs with appropriatesecurity safeguards. An adapter may essentially map data and connectapplications for remote launches. Some examples might be:

-   -   UNIX® stdio to peer-to-peer platform stdio adapter—such an        adaptor may enable piping of peer-to-peer platform commands to        UNIX® commands on UNIX® platforms.    -   Peer-to-peer platform stream to a media player adapter—such an        adaptor may be platform- and application-specific, but may        handle any necessary real-time data conversion between a        peer-to-peer platform pipe and the format required by the        player. These need not be unidirectional. For example, one might        adapt the output of a video capture application to become a        peer-to-peer platform stream.    -   HTML to peer-to-peer platform stdio—such an adaptor may be used        to post and get information to/from Web pages to allow        peer-to-peer platform peers to interact with existing Web sites.        For example, a peer-to-peer platform command can launch a search        for titles and prices on Amazon and pipe the results to other        peer-to-peer platform services.

CONCLUSION

Various embodiments may further include receiving, sending or storinginstructions and/or data implemented in accordance with the foregoingdescription upon a carrier medium. Generally speaking, a carrier mediummay include storage media or memory media such as magnetic or opticalmedia, e.g., disk or CD-ROM, volatile or non-volatile media such as RAM(e.g. SDRAM, DDR SDRAM, RDRAM, SRAM, etc.), ROM, etc. as well astransmission media or signals such as electrical, electromagnetic, ordigital signals, conveyed via a communication medium such as networkand/or a wireless link.

Various modifications and changes may be made as would be obvious to aperson skilled in the art having the benefit of this disclosure. It isintended that the invention embrace all such modifications and changesand, accordingly, the above description to be regarded in anillustrative rather than a restrictive sense.

1. A peer computing system, comprising: a plurality of peer nodes,operable to couple to a network, wherein the plurality of peer nodes areoperable to participate a peer-to-peer environment on the network inaccordance with one or more peer-to-peer platform protocols for enablingthe plurality of peer nodes to discover each other, communicate witheach other, and cooperate with each other to form peer groups and sharenetwork resources in the peer-to-peer environment; and a resolver nodeoperable to: receive a query message from one of the plurality of peernodes, wherein the query message is formatted in accordance with a peerresolver protocol, wherein the query message indicates a request to aresource implemented by one or more of the plurality of peer nodes;determine a particular instance of the resource on a particular one ofthe one or more peer nodes; and forward the query message to thedetermined resource instance.
 2. The peer computing system as recited inclaim 1, wherein the determined resource instance is configured on theparticular one of the one or more of peer nodes to send a responsemessage in response to the query message to the peer node of theplurality of peer nodes sending the query message, wherein the responsemessage is formatted in accordance with the peer resolver protocol. 3.The peer computing system as recited in claim 1, wherein the determinedresource instance is configured on the particular one of the one or morepeer nodes to send a response message in response to the query messageto the resolver node, wherein the resolver node is operable to forwardthe response message to the peer node of the plurality of peer nodessending the query, and wherein the response message is formatted inaccordance with the peer resolver protocol.
 4. The peer computing systemas recited in claim 1, wherein the resource implemented by the one ormore peer nodes is configured on each of the one or more peer nodes to:implement one or more resource handlers wherein each of the one or moreresource handlers is operable to: receive the query message; andgenerate a response message in response to the query message formattedin accordance with the peer resolver protocol; and register the one ormore resource handlers with the resolver node.
 5. The peer computingsystem as recited in claim 4, wherein the query message includes ahandler name specifying one of the one or more resource handlers togenerate the response message.
 6. The peer computing system as recitedin claim 4, wherein the response message includes a handler namespecifying one of the one or more resource handlers that generated theresponse message.
 7. The peer computing system as recited in claim 1,wherein the resource is a service.
 8. The peer computing system asrecited in claim 1, wherein the resource is content.
 9. The peercomputing system as recited in claim 1, wherein the resource is anapplication.
 10. The peer computing system as recited in claim 1,wherein the resolver node is a peer node of the plurality of peer nodes.11. The peer computing system as recited in claim 1, wherein theresolver node is operable to cache query messages and cache responsemessages.
 12. The peer computing system as recited in claim 1, whereinthe query message includes a credential corresponding to the peer nodesending the query message, wherein the resolver node is further operableto: determine if the peer node is authorized to access the resourceusing the credential of the peer node included in the query message; andprohibit the peer node from accessing the resource if the peer node isnot authorized.
 13. The peer computing system as recited in claim 1,wherein the query message includes a query identifier for identifyingthe query message.
 14. The peer computing system as recited in claim 1,wherein the query message includes a query field specifying therequested information.
 15. The peer computing system as recited in claim1, wherein the response message includes a credential corresponding tothe particular one of the one or more peer nodes hosting the determinedresource instance to which the query message was forwarded.
 16. The peercomputing system as recited in claim 1, wherein the response messageincludes a query identifier corresponding to the query message.
 17. Thepeer computing system as recited in claim 1, wherein the responsemessage includes a response field comprising the information requestedby the query message.
 18. The peer computing system as recited in claim1, wherein, in the determination, the determined resource instance is aresource instance located a fewest number of hops on the network fromthe peer node sending the query message.
 19. The peer computing systemas recited in claim 1, wherein, in the determination, the determinedresource instance is implemented on the particular one of the one ormore peer nodes that has the least processing load of the one or m orepeer nodes.
 20. The peer computing system as recited in claim 1, furthercomprising: a rendezvous node coupled to the network; wherein therendezvous node is operable to: receive the query message; determinewhether to propagate the query message to one or more of the pluralityof peer nodes; propagate the query message to one or more of theplurality of peer nodes if it is determined to propagate the querymessage to one or more of the plurality of peer nodes; discard the querymessage if it is determined not to propogate the query message;determine whether to designate the rendezvous node as the originator ofthe query message; and designate the rendezvous node as the originatorof the query message if it is determined to designate the rendezvousnode as the originator of the query message.
 21. The peer computingsystem as recited in claim 20, wherein in said determining, therendezvous node is configured to communicate with a service on thenetwork, wherein the service is operable to: determine whether topropagate the query message; and determine whether to designate therendezvous node as the originator of the query message.
 22. A resolvernode, comprising: a processor; a port operable to couple the peer nodeto a network; a memory operable to store program instructions, whereinthe program instructions are executable by the processor to: receive aquery message from a peer node on the network, wherein the query messageis formatted in accordance with a peer resolver protocol, wherein thequery message indicates a request to a resource implemented by one ormore other peer nodes on the network; determine a particular instance ofthe resource on a particular one of the one or more other peer nodes;forward the query message to the determined resource instance.
 23. Theresolver node as recited in claim 22, wherein the determined resourceinstance is configured on the other peer node to send a response messagein response to the query message to the peer node, wherein the responsemessage is formatted in accordance with the peer resolver protocol. 24.The resolver node as recited in claim 22, wherein the determinedresource instance is configured on the other peer node to send aresponse message in response to the query message to the resolver node,wherein the resolver node is operable to forward the response message tothe peer node, and wherein the response message is formatted inaccordance with the peer resolver protocol.
 25. The resolver node asrecited in claim 22, wherein the resource implemented by the one or morepeer nodes is configured on each of the one or more peer nodes to:implement one or more resource handlers wherein each of the one or moreresource handlers is operable to: receive the query message; andgenerate a response message in response to the query message formattedin accordance with the peer resolver protocol; and register the one ormore resource handlers with the resolver node.
 26. The resolver node asrecited in claim 25, wherein the query message includes a handler namespecifying one of the one or more resource handlers to generate theresponse message.
 27. The resolver node as recited in claim 25, whereinthe response message includes a handler name specifying one of the oneor more resource handlers that generated the response message.
 28. Theresolver node as recited in claim 22, wherein the resource is a service.29. The resolver node as recited in claim 22, wherein the resource iscontent.
 30. The resolver node as recited in claim 22, wherein theresource is an application.
 31. The resolver node as recited in claim22, wherein the resolver node is a peer node.
 32. The resolver node asrecited in claim 22, wherein the resolver node is operable to cachequery messages and cache response messages.
 33. The resolver node asrecited in claim 22, wherein the query message includes a credentialcorresponding to the peer node, wherein the program instructions arefurther executable to: determine if the peer node is authorized toaccess the resource using the credential of the peer node included inthe query message; and prohibit the peer node from accessing theresource if the peer node is not authorized.
 34. The resolver node asrecited in claim 22, wherein the query message includes a queryidentifier for identifying the query message.
 35. The resolver node asrecited in claim 22, wherein the query message includes a query fieldspecifying the requested information.
 36. The resolver node as recitedin claim 22, wherein the response message includes a credentialcorresponding to the other peer node.
 37. The resolver node as recitedin claim 22, wherein the response message includes a query identifiercorresponding to the query message.
 38. The resolver node as recited inclaim 22, wherein the response message includes a response fieldcomprising the information requested by the query message.
 39. Theresolver node as recited in claim 22, wherein, in the determination, thedetermined resource instance is a resource instance located a fewestnumber of hops on the network from the peer node sending the querymessage.
 40. The resolver node as recited in claim 22, wherein, in thedetermination, the determined resource instance is implemented on theparticular one of the one or more other peer nodes that has the leastprocessing load of the one or more other peer nodes.
 41. A peercomputing system, comprising: a plurality of peer nodes, operable tocouple to a network, wherein the plurality of peer nodes are operable toparticipate a peer-to-peer environment on the network in accordance withone or more peer-to-peer platform protocols for enabling the pluralityof peer nodes to discover each other, communicate with each other, andcooperate with each other to form peer groups and share networkresources in the peer-to-peer environment; and means for receiving aquery message from one of the plurality of peer nodes, wherein the querymessage is formatted in accordance with a peer resolver protocol,wherein the query message indicates a request to a resource implementedby one or more of the plurality of peer nodes; means for determining aparticular instance of the resource on a particular one of the one ormore peer nodes; means for forwarding the query message to thedetermined resource instance.
 42. The peer computing system as recitedin claim 41, further comprising means for sending a response message inresponse to the query message to the peer node of the plurality of peernodes sending the query message, wherein the response message isformatted in accordance with the peer resolver protocol.
 43. The peercomputing system as recited in claim 41, further comprising: means forimplementing one or more resource handlers for receiving the querymessage on the resource implemented by the one or more peer nodes; meansgenerating a response message using a particular one of the one or moreresource handlers in response to the query message formatted inaccordance with the peer resolver protocol.
 44. The peer computingsystem as recited in claim 41, wherein the query message includes ahandler name specifying one of the one or more resource handlers togenerate the response message.
 45. The peer computing system as recitedin claim 41, wherein the response message includes a handler namespecifying one of the one or more resource handlers that generated theresponse message.
 46. The peer computing system as recited in claim 41,wherein the resource is a service.
 47. The peer computing system asrecited in claim 41, wherein the resource is content.
 48. The peercomputing system as recited in claim 41, wherein the resource is anapplication.
 49. The peer computing system as recited in claim 41,further comprising: means for caching query messages; and means forcaching response messages.
 50. The peer computing system as recited inclaim 41, wherein the means for determining comprise means fordetermining a particular resource instance located a fewest number ofhops on the network from the peer node sending the query message. 51.The peer computing system as recited in claim 41, wherein the means fordetermining comprise means for determining a particular resourceinstance on the particular one of the one or more peer nodes that hasthe least processing load of the one or more peer nodes.
 52. The peercomputing system as recited in claim 41, further comprising means fordetermining if the peer node is authorized to access the requestedresource.
 53. The peer computing system as recited in claim 41, furthercomprising: a rendezvous node coupled to the network operable to receivethe query message; means for determining whether to propagate the querymessage to one or more of the plurality of peer nodes; means forpropagating the query message to one or more of the plurality of peernodes if it is determined to propagate the query message to one or moreof the plurality of peer nodes; means for discarding the query messageif it is determined not to propogate the query message; means fordetermining whether to designate the rendezvous node as the originatorof the query message; and means for designating the rendezvous node asthe originator of the query message if it is determined to designate therendezvous node as the originator of the query message.
 54. A method,comprising: implementing a peer-to-peer environment on a network inaccordance with one or more peer-to-peer platform protocols for enablinga plurality of peer nodes to discover each other, communicate with eachother, and cooperate with each other to form peer groups and sharenetwork resources in the peer-to-peer environment; receiving a querymessage from one of the plurality of peer nodes, wherein the querymessage is formatted in accordance with a peer resolver protocol,wherein the query message indicates a request to a resource implementedby one or more of the plurality of peer nodes; determining a particularinstance of the resource on a particular one of the one or more peernodes; and forwarding the query message to the determined resourceinstance.
 55. The method as recited in claim 54, further comprisingsending a response message in response to the query message to the peernode sending the query message, wherein the response message isformatted in accordance with the peer resolver protocol.
 56. The methodas recited in claim 54, further comprising: implementing one or moreresource handlers for receiving the query message on the resourceimplemented by the one or more peer nodes; generating a response messageusing a particular one of the one or more resource handlers in responseto the query message formatted in accordance with the peer resolverprotocol.
 57. The method as recited in claim 56, wherein the querymessage includes a handler name specifying one of the one or moreresource handlers to generate the response message.
 58. The method asrecited in claim 56, wherein the response message includes a handlername specifying one of the one or more resource handlers that generatedthe response message.
 59. The method as recited in claim 54, wherein theresource is a service.
 60. The method as recited in claim 54, whereinthe resource is content.
 61. The method as recited in claim 54, whereinthe resource is an application.
 62. The method as recited in claim 54,wherein s aid determining comprises determining a particular resourceinstance located a fewest number of hops on the network from the peernode sending the query message.
 63. The method as recited in claim 54,wherein said determining comprises determining a particular resourceinstance on the particular one of the one or more peer nodes that hasthe least processing load of the one or more peer nodes.
 64. The methodas recited in claim 54, wherein the query message includes a credentialfor the peer node, wherein the method further comprises: determining ifthe peer node is authorized to access the resource using the credentialof the peer node included in the query message; and prohibiting the peernode from accessing the resource if the peer node is not authorized. 65.The method as recited in claim 54, further comprising: determiningwhether to propagate the query message received by a rendezvous nodecoupled to the network to one or more of the plurality of peer nodes;propagating the query message to one or more of the plurality of peernodes if it is determined to propagate the query message to one or moreof the plurality of peer nodes; discarding the query message if it isdetermined not to propogate the query message; determining whether todesignate the rendezvous node as the originator of the query message;and designating the rendezvous node as the originator of the querymessage if it is determined to designate the rendezvous node as theoriginator of the query message.
 66. A tangible, computer-readablemedium configured to store program instructions, wherein the programinstructions are computer-executable to implement: implementing apeer-to-peer environment on a network in accordance with one or morepeer-to-peer platform protocols for enabling a plurality of peer nodesto discover each other, communicate with each other, and cooperate witheach other to form peer groups and share network resources in thepeer-to-peer environment; and receiving a query message from one of theplurality of peer nodes, wherein the query message is formatted inaccordance with a peer resolver protocol, wherein the query messageindicates a request to a resource implemented by one or more of theplurality of peer nodes; determining a particular instance of theresource on a particular one of the one or more peer nodes; forwardingthe query message to the determined resource instance.
 67. The tangible,computer-readable medium as recited in claim 66, wherein the programinstructions are further executable to implement sending a responsemessage in response to the query message to the peer node sending thequery message, wherein the response message is formatted in accordancewith the peer resolver protocol.
 68. The tangible, computer-readablemedium as recited in claim 66, wherein the program instructions arefurther executable to implement: implementing one or more resourcehandlers for receiving the query message on the resource implemented bythe one or more peer nodes; generating a response message using aparticular one of the one or more resource handlers in response to thequery message formatted in accordance with the peer resolver protocol.69. The tangible, computer-readable medium as recited in claim 66,wherein, in said determining, the program instructions are furtherexecutable to implement determining a particular resource instancelocated a fewest number of hops on the network from the peer nodesending the query message.
 70. The tangible, computer-readable medium asrecited in claim 66, wherein, in said determining, the programinstructions are further executable to implement determining aparticular resource instance on the particular one of the one or morepeer nodes that has the least processing load of the one or more peernodes.
 71. The tangible, computer-readable medium as recited in claim66, wherein, in said determining, the program instructions are furtherexecutable to implement: determining whether to propagate the querymessage received by a rendezvous node coupled to the network to one ormore of the plurality of peer nodes; propagating the query message toone or more of the plurality of peer nodes if it is determined topropagate the query message to one or more of the plurality of peernodes; discarding the query message if it is determined not to propagatethe query message; determining whether to designate the rendezvous nodeas the originator of the query message; and designating the rendezvousnode as the originator of the query message if it is determined todesignate the rendezvous node as the originator of the query message.